INFORMATION SHARING SYSTEM



(57) The present invention relates to an information 
sharing system. 

An information sharing system employs secret key cryptography and public key cryptography, wherein a secret key can be shared within at least a group, the information sharing system comprising: an information storing device which can be accessed by at least multiple members, and which is capable of storing the signature of the team master, a member list including public key information regarding members, a secret key list including encrypted key information, and encrypted data; a storing unit for storing the public key for at least one member who is permitted to view information; an encryption unit for encrypting input information based on the secret key cryptography, which uses a secret key for encrypting information, thereby generating encrypted data; an encrypted key generation unit for encrypting the secret key used for encryption with a specified public key stored in the storing unit, thereby creating an encrypted key; a transmitting unit for transmitting the plurality of encrypted keys and encrypted data to the information storing device; a list administration unit which obtains a member list from the information storing device, judges whether or not the signature of the team master of the member list matches the specified signature, performs registration of public keys of members to be added or deletion of public keys of members canceling membership only in the event that the signatures match, and in the event of additional registration or cancellation, creates a new member list including at least the signature of the team master and public key information of members, and transmits the created member list to the information storing device; and an encryption/decryption device which has a decrypting unit for obtaining desired encrypted key information and encrypted data from the information storing device, decrypting the secret key from this encrypted key information, and decrypting the obtained encrypted data with the decrypted secret key.
Description

FIELD OF THE INVENTION 

[0001] The purpose of this invention is to share information among multiple users and to offer an information sharing system, its processing method and a record medium, in order to prevent peeping at and tampering with information.

DESCRIPTION OF THE RELATED ART 

[0002] Various digital information has come to be used on computer networks with the development of computer network technology in recent years. However, it is easy for others to peep at and tamper with this digital information on computers and networks.

Therefore, a user's private information, business information, etc., which especially must be kept confidential, needs to be acquired, transmitted, processed and recorded after being encrypted by using an encryption technique.

Secret key cryptography, such as the Data Encryption Standard (DES), was developed to encrypt such information, which must be kept confidential.
In this system, it was necessary to deliver and record the encryption key, which encrypts data, in order to share it among users and to prevent other users from acquiring it.
Therefore, a unit which delivers the encryption key after it has been encrypted by another encryption key has been proposed to prevent peeping at, tampering with or acquisition of this encryption key.

When there are multiple users who want to share certain information, in order to encrypt said information by the process above, it is necessary to use a key administration system which administrates these encryption keys and the keys which are used to encrypt said encryption keys, a group administration server wherein the users sharing information are grouped and administrated, an access controlling unit for information, etc.

When data that needs to be kept confidential is shared in a specific group like this, the secret key administration is done by a server, and a server administrator is assigned to this server.
However, if the server administrator is not included in the specific group, it is possible for him to peep at the data without any hindrance.
Moreover, if the server administrator is included in the specific group, he can change the group members at his own discretion, and therefore the data administration cannot be said to be sufficiently secure.

SUMMARY OF THE INVENTION 

[0003] Therefore, one of the purposes of this invention is to offer an information sharing system, its processing method and record media, which prevent peeping at or tampering with information by the administrators who are engaged with a database storing encrypted information, a server, a file system, etc.
In the present invention, the purpose is accomplished by an information sharing system which employs secret key cryptography and public key cryptography, wherein the secret key can be shared within at least a group, said information sharing system comprising:

an information storing device which can be accessed by at least multiple members, and is capable of storing a signature of the team master, a member list including public key information regarding members, a secret key list including encrypted key information, and encrypted data;

a memory unit for memorizing the public key for at least one member who is permitted to view information;

an encryption unit for generating encrypted data by encrypting input information based on said secret key cryptography, which uses the secret key for encrypting information;

an encrypted key generation unit for generating an encrypted key by encrypting the secret key by using a specified public key which is memorized in said memory unit;

a transmitting unit for transmitting said multiple encrypted keys and encrypted data to said information storing device;

a list administration unit which obtains the member list from said information storing device, judges whether or not the signature of the team master of said member list matches the specific signature, performs registration of public keys of members to be added or deletion of public keys of members canceling membership only in the event that said signatures match, and in the event of additional registration or cancellation, generates the new member list including at least the signature of the team master and the public key information of members, and transmits the generated member list to said information storing device; and

an encryption/decryption device which has a decryption unit for obtaining desired encrypted key information and encrypted data from said information storing device, decrypting said secret key from this encrypted key information, and decrypting the obtained encrypted data with the decrypted secret key.

[0004] According to this invention, it is possible to share the secret key within the group, with no possibility of it being seen by the group administrator who is engaged with the database storing encrypted data, the server or the file system.

[0005] Moreover, according to this invention, the purpose is accomplished by an information tamper detection device having a sending terminal located at the sender side, and a receiving terminal located at the recipient side which is connected with said sending terminal by a network, whereby information is sent and received between said sending terminal and receiving terminal, said information tamper detection device comprising:

a received contents confirmation data creation unit for creating received contents confirmation data indicating that said receiving side terminal has confirmed receipt of said data;
a transmitting unit for transmitting said received contents confirmation data by said network;
a receiving unit for receiving said received contents confirmation data by said network; and
an information tamper detection unit which compares said data sent from said sender terminal with said received contents confirmation data, and detects tampering by the comparison results.

[0006] According to this invention, since this information tamper detection device is constituted by using the received contents confirmation data and the transmitted contents confirmation data, tampering with information is detectable even at a terminal which does not have the right to carry out the decryption of the received data.
According to this invention, the purpose is accomplished by an encryption device comprising a key encryption unit and an encryption unit;

said key encryption unit comprising:
a secret key obtaining unit for either obtaining or generating a secret key used for encryption employing the secret key cryptography;
a secret key encryption unit for encoding said secret key employing the public key cryptography so as to create an encrypted secret key; and
a first secret key tamper detection code creation unit for creating key code from said secret key, to be used for secret key tamper detection;
and said encryption unit comprising:
a data encrypting unit for encrypting plain text using said secret key to create encrypted text; and
a first data tamper detection code creation unit for creating first data tamper detection code from said plain text.

[0007] According to this invention, tamper detection information is not carried for every plain text; instead, key information is carried as tamper detection information for the secret key which encrypts each plain text. Since this makes it possible to detect tampering and to confirm the person who carried the secret key, the overhead of the encrypted information, in which every piece of information is encrypted, can be decreased. Consequently, the load on the network when the encrypted information is transmitted, and the required capacity of the memory unit when the encrypted information is stored, can be decreased.

[0008] Moreover, according to this invention, the purpose is accomplished by a team data list administration device for administration of team data lists for hierarchical ordering of the team, said device comprising:

an authentication unit for requesting operation of a team data list to a certain request destination, and according to the operation request, obtaining from the request destination the following for each team from the team which is the object of operation to the root team:
authority data including the identifier indicating the parent team of own team, and the digital signature of the administrator of said parent team; and
a team data list having an authority list including administrator information relating to authorized administrator personnel of sub-teams under own team, and the digital signature of the team master which is the administrator of own team or the administrator of the parent team;
wherein confirmation is made for each team while backtracking the obtained team to said root team using said identifier, that there has been no tampering with the digital signature on said team data list and that the signature is that of one having authority using said administrator information;
a team data list modification unit for changing said team data list according to said operation request, once the validity thereof has been confirmed by said authentication unit; and
a signing unit for creating the digital signature of the individual instructing said operation request and attaching said digital signature to said changed team data list, and sending this to said request destination.

[0009] According to this invention, it is possible to create sub-teams under each team and construct hierarchically ordered teams by using team data lists including authority lists and authority data.

[0010] Moreover, according to this invention, the purpose of this invention is accomplished by a member list administration device in a broadcast communication system, said system comprising:

an encrypted message generating device which creates an encrypted message including encrypted information which is formed by encrypting information to be sent;
a member list administration device performing administration of member lists including public keys of members, who are recipients of the broadcast;
an encrypted message decrypting device which decrypts said encrypted message; and
a message broadcast device which receives code information sent from said encrypted message generating device and distributes said code information to one or more of said encrypted message decrypting devices, based on said member list;
said member list administration device comprising:
a list creating unit for creating a member list including the public key(s) of one or more members for broadcast communication; and
a public key administration unit for obtaining and saving said public keys.

EP 1 083 699 A1

[0011] According to this invention, since encrypted information is not decrypted at the message broadcast device in this system, it becomes possible to prevent improper acts, such as leakage of and tampering with the contents of broadcast communication, by administrators of the message broadcast device, and to share said contents of broadcast communication only with the members who truly need to share the information.
[0012] Moreover, according to this invention, the purpose of this invention is accomplished by a team data list administration device, comprising:

a list creator verification unit for notifying a certain request destination of information for performing personal identification/authentication regarding a director of modification, for obtaining from said request destination the team data list, which includes information relating to a team comprised of members mutually sharing resources and the digital signature of the master having administrative privilege regarding said information, and which has been prepared according to the privilege of the members of the team, and for verifying whether or not a master having privilege created said team data list, based on the contents of said received team data list;

a list modification unit for changing said team data list which has been verified to be the team data list created by said master having privilege, according to said change request; and
a digital signature unit for creating the digital signature of the individual instructing the change, and attaching said digital signature to the changed team data list and sending said team data list to said request destination.

[0013] According to this invention, the team data administration device above acquires the team data lists, such as the master list and the member list, saved in the server etc., in response to a change request from the master with the proper permission, and returns these lists to the request destination with the required changes added, after confirming that these lists were properly created by said master having permission. Therefore, it can detect improper manipulation of the data lists by those who do not have proper permission, i.e., general members other than the master, the administrator of the server, crackers, etc.

BRIEF DESCRIPTION OF THE DRAWINGS 
[0014] 

Figure 1 shows the basic construction of the information sharing system in Example 1.
Figure 2 shows the block diagram indicating the construction example of the encryption/decryption device in Example 1.
Figure 3 shows the construction example of the decryption unit in Figure 2.
Figure 4 shows various lists stored in the WWW server.
Figure 5 shows the explanation of the detailed function of the DBMS in the WWW server as the informational administration device in Example 1.
Figure 6 shows the explanation of the registration example of the public key ID for the group when the secret key is shared within the group.
Figure 7 shows the explanation of the registration example of the secret key when the secret key is shared within the group.
Figure 8 shows the explanation of the operational example of encryption of data when the secret key is shared within the group.
Figure 9 shows the explanation of the operational example of encryption of data when the secret key is shared with the respectively selected user.
Figure 10 shows the explanation of the operational example of decryption of data.
Figure 11 shows a block diagram explaining the theory of operation of the information tamper detection device in Example 2.
Figure 12 shows the block diagram indicating the construction of the information tamper detection device in Example 2.
Figure 13 shows the flow chart explaining the operation of the received contents confirmation data verification unit 103β in Figure 12.
Figure 14 shows the flow chart explaining the operation of the sent contents confirmation data creation unit 104β in Figure 12.
Figure 15 shows the flow chart explaining the operation of the received contents confirmation data creation unit 202β in Figure 12.
Figure 16 shows the flow chart explaining the operation of the sent contents confirmation data verification unit 205β in Figure 12.
Figure 17 shows the explanation of the theory of operation of the usual information tamper detection device.
Figure 18 shows the explanation of faults of the usual information tamper detection device.
Figure 19 shows the block diagram indicating the construction of the encryption/decryption device as one of the enforcement forms of the invention in Example 3-1 to 3-3.
Figure 20 shows one of the utilization forms of the invention in Example 3-1 to 3-3.
Figure 21 shows the flow chart explaining the operation concerning encryption.
Figure 22 shows the construction indicating information before encryption and encrypted information.
Figure 23 shows the flow chart explaining the operation concerning decryption.
Figure 24 shows the flow chart explaining the operation when other information is added to the encrypted information.
Figure 25 shows the construction of encrypted information before and after other information is added to encrypted information.
Figure 26 shows the flow chart explaining the operation when data sharing member B permits the addition of data sharing member C to the same team.
Figure 27 shows the construction of the encrypted information before and after information sharing member C is added to the team.
Figure 28 shows the flow chart explaining the operation when the information sharing member is deleted from the team.
Figure 29 shows the construction of encrypted information before and after the information sharing member A is deleted from the team.
Figure 30 shows the information memorized in the information storing device in Example 3-1.
Figure 31 shows the information memorized in the information storing device when the information is added in Example 3-2.
Figure 32 shows the example of display of the schedule after decryption in Example 3-3.
Figure 33 shows the flow chart explaining the operation of encryption by the usual encryption/digital signature method.
Figure 34 shows the flow chart explaining the operation of decryption by the usual encryption/digital signature method.
Figure 35 shows the construction of the information before encryption and the encrypted information by the encryption method indicated in Japanese Patent Laid-Open Hei 8-156964.
Figure 36 shows the construction of the information before encryption and the encrypted information by the encryption method indicated in Japanese Patent Laid-Open Hei 9-71388.
Figure 37 shows the block diagram indicating the construction of the system having the team data list administration device and the team data list storing device in Example 4-1.
Figure 38 A, B, C and D show structures of the team data lists memorized at the server side where the team data list storing device is installed, in Example 4-1.


Figure 39 shows one example of the hierarchical orderings of teams in Example 4-1.
Figure 40 shows the explanation, filled in with detailed values, of the team data lists for each team in the hierarchically ordered teams in Figure 39.
Figure 41 shows the explanation indicating the process to create sub-teams in Example 4-1.
Figure 42 shows the explanation indicating the process of the authority confirmation function in the server side when creation of sub-teams is required in the process in Figure 41.
Figure 43 shows the explanation indicating the process concerning the list authentication request at the client side operated in the process in Figure 41.
Figure 44 shows the explanation indicating the process when the privilege of the team data list, which is created newly in the client side, is confirmed in the server side, in the process in Figure 41.
Figure 45 shows the explanation indicating the process of modification of the team master of the sub-team in Example 4-1.
Figure 46 shows the explanation indicating the process of modification (deletion) of the creation privilege of sub-authority in Example 4-1.
Figure 47 shows the explanation indicating the process of deletion of the sub-team in Example 4-1.
Figure 48 shows the explanation indicating the process of the method called Shake Hand or Challenge Response which is used by the server when the privilege of users in the client side is confirmed.
Figure 49 shows the explanation indicating one example of the hierarchical orderings of teams in Example 4-2.
Figure 50 shows the explanation indicating one example of the hierarchical orderings of teams in Example 4-3.
Figure 51 shows the block diagram of the construction of the usual system doing information sharing by utilizing the access control lists.
Figure 52 shows the scheme of the broadcast communication system in Example 5.
Figure 53 shows the example of the general member list.
Figure 54 shows one example of the member list constituted by the multiple lists.
Figure 55 shows the operational form of the member list administration device of this invention.
Figure 56 shows the flow chart of the operation of the list creation unit.
Figure 57 shows the operational form of the encrypted message creation device in Example 5.
Figure 58 shows the process of the encryption/decryption in the broadcast communication system in Example 5.
Figure 59 shows the explanation of the scheme of the multiple parts sending and the multiple parts receiving of the broadcast communication system in Example 5.

Figure 60 shows the operational form of the encryption/decryption device in Example 5.
Figure 61 shows the operational form of the message broadcast device in Example 5.
Figure 62 shows the operational example in which the broadcast communication system in Example 5 is applied to the distribution system of stock news.
Figure 63 shows one example of the broadcast communication system of this invention utilizing the mailing list server.
Figure 64 shows the explanation of the scheme of the usual broadcast communication system.
Figure 65 shows the explanation of the scheme of the broadcast communication system disclosed in Japanese Patent Laid-Open Hei 7-245605.
Figure 66 shows the block diagram of the system construction having the team data list administration device and the team data list storing device in one example of Example 6.
Figure 67 is the first figure to explain the premised technology in Example 6 and shows the block diagram of the construction dividing the member list administration unit and the member list storing unit between the client and the server.
Figure 68 is the second figure to explain the premised technology in Example 6 and shows the explanation of the process when the member in the member list in the server is modified by the request of the client side.
Figure 69 shows the explanation of the process of the method called Shake Hand or Challenge Response, which is used by the server, when the authority of users in the client side is confirmed.
Figure 70 shows the explanation of the process concerning the member change when the members are administrated by the multiple administrators, in the performance form in Figure 69.
Figure 71 shows the flow chart of the process of confirming the list creator, done in the client side, in the performance form in Figure 69.
Figure 72 shows the explanation of the process concerning the sub-master change when the members are administrated by the multiple administrators in the performance form in Figure 69.
Figure 73 shows the explanation of the process concerning the team master change when the members are administrated by the multiple administrators in the performance form in Figure 69.
Figure 74 shows the flow chart of the process of the privilege confirmation done in the server side when the team master is changed in Figure 73, in the performance form in Figure 69.
Figure 75 shows the explanation of the situation of the team master list and the team member list being compared and collated at each step in Figure 74 when the privilege confirmation is done in the performance form in Figure 69.



Figure 76 shows the block diagram of the construction of the usual system doing the information sharing by utilizing the access control list.
Figure 77 shows the explanation of the process done between the client and the server to share the information only with the members belonging to the specific group.

DESCRIPTION OF PREFERRED EMBODIMENT 

[0015] The following Examples do not restrict the claims of this invention, and not all of the combinations of characteristics explained in the Examples are necessary to accomplish the object.

Example 1 

[0016] The invention of Example 1 aims at information sharing between multiple users and relates to an information sharing system, its processing method and a record medium which prevent peeping at and tampering with the information.

The following techniques are usually known in relation to the invention of Example 1.

With the development of computer network techniques in recent years, various digital information has come to be used on computer networks.

[0017] However, it is easy for others to peep at or tamper with this digital information on computers or networks.

Therefore, a user's private information, business information, etc., which especially needs to be kept secret, must be retrieved, transferred, processed and recorded after being encrypted by using encryption technology.

[0018] In order to encrypt such information that needs to be kept secret, secret key encryption systems, such as the Data Encryption Standard (DES), were developed.

In this system, to share the data encryption key between them, users should distribute and record said key without others intercepting it.
Therefore, in order to prevent peeping at, tampering with and acquisition of the encrypted key above, a distribution method which uses the key encrypted again by another encryption key has been proposed.
[0019] When there are multiple users who want to share certain information, in order to encrypt the information by the method above, it is necessary to utilize a key administration system which administrates these encrypted keys or the keys which encrypt said encrypted keys, a group administration server which administrates the users sharing the information by grouping them, an access controlling unit for information, etc.

Thus, when secret data is shared by a designated group, the secret key administration has been done in the server, and a server administrator is assigned.

[0020] However, when the server administrator above is not in the designated group above, he can peep at the data without any hindrance.
Moreover, even when the server administrator above is included in the designated group above, he can change the group members at his own discretion, so the administration of data cannot be said to be faultless.
[0021] The present invention has been made in view of the situation above, and its purpose is to offer an information sharing system which can prevent peeping at and tampering with the contents of said information by the administrators who are engaged with the database storing the encrypted information, the server, the file system, etc., as well as its processing method and record media.

[0022] According to the invention of Example 1, for example, secret key cryptography and public key cryptography are used together in order to keep the confidentiality of the information which multiple users want to share. The inputted information is encrypted by the secret key encryption method using the secret key.
[0023] Moreover, according to this invention, for example, it becomes possible to realize the information sharing system on the network.
In this system, at least the signature of the team master, the member list including public key information of members, the secret key list including the encrypted key information, and encrypted data are saved in the information storing device, which at least multiple members can access. When the additional registration of a member belonging to the group is done, the member list is obtained from the information storing device and it is judged whether or not the signature of the group administrator of the member list matches the designated signature.

Then, only in the event that said signature matches, a new member list which includes at least the signature of the team master and the member public key information is made, and said member list is transmitted to the information storing device and stored.
[0024] Moreover, when the registration of the secret key utilized by the group members is done, the member list is acquired from the information storing device and it is checked whether or not the signature of the team master of the member list matches the designated signature.

Then, only in the event that said signature matches, the secret key which must be registered is encrypted by using the specified public key, and said encrypted secret key is transmitted to the information storing device and stored.

[0025] Moreover, when data is encrypted by using the secret key, at least the encrypted key message is retrieved from the secret key list in the information storing device, and the secret key is decrypted from said encrypted key information.

Then, the inputted message is encrypted based on the secret key cryptography by using the decrypted secret key to create the encrypted data, and this data is transmitted to the information storing device and stored.
[0026] Moreover, when data is decrypted, the requested encrypted key message and encrypted data are retrieved from the information storing device, and the secret key is decrypted by using said encrypted key message.

Then, the obtained encrypted data is decrypted with the decrypted secret key.

[0027] Moreover, when a member list manipulation is requested, the member list manipulation corresponding to the request is done in the information storing device by the group administration method.
Moreover, when a secret key registration is requested, the requested secret key is registered together with its encrypted key message. Moreover, when a secret key is requested, the most suitable secret key for information sharing in the designated group is selected by the secret key administration unit and is transmitted to the requester.

Moreover, when an encrypted data registration is requested, the encrypted data is stored in the encrypted data administration unit together with the secret key message used in encryption of such data. Moreover, when encrypted data is requested, the stored encrypted data and the secret key message are transmitted to the requester.

[0028] Hereafter, Example 1 is explained in detail with reference to the figures.

Figure 1 shows a basic topology of the information sharing system in the present invention, and Figure 2 shows a block diagram indicating an example topology of the encryption/decryption device in the present invention.
[0029] As shown in Figure 1, the information sharing system of the present example (Example 1) comprises:

the 1st terminal unit 1a and the 2nd terminal unit 2a, in each of which the encryption/decryption device 10a shown in Figure 2 is incorporated; and
WWW server 3a which, as the information storing device, stores the member list generated in said encryption/decryption device 10a, the secret key list and the encrypted data,

and these devices are connected by the network (for example, the Internet) 4a.

[0030] The encryption/decryption device 10a comprises the encryption unit 11a, the secret key generation unit 12a, the memory unit 13a, the encrypted key generation unit 14a, the affixed information creation unit 15a, the transmitting unit 16a, the digital signature verification unit 17a, the public key administration unit 18a, the digital signature affixing unit 19a, and the decryption unit 20a.

Furthermore, the list administration unit comprises the digital signature verification unit 17a, the public key administration unit 18a, and the digital signature affixing unit 19a, as main elements.

[0031] The encryption unit 11a encrypts the inputted message Ma to generate the encrypted data M'a based on the secret key cryptography (for example, DES), by using the secret key dka or the secret key cka which is read out from WWW server 3a, and outputs said encrypted data M'a to the transmitting unit 16a. Moreover, when the secret key is shared in the group and data is encrypted, the encryption unit 11a requests the member list of the designated group, in detail the member list including the group ID and the user public key ID, from WWW server 3a. This request is transmitted through the transmitting unit 16a.
[0032] The secret key generation unit 12a comprises, for example, a random-number-generation circuit, etc., generates the secret key dka to encrypt the message, and outputs it to the encryption unit 11a and the encrypted key generation unit 14a. In addition, the secret key dka is generated as, for example, 64-bit data.

[0033] The memory unit 13a comprises, for example, a hard disk wherein the specific public keys PK1a, PK2a, ..., PKna of multiple users n are already recorded, and is accessed by the encrypted key generation unit 14a and the public key administration unit 18a.
[0034] The encrypted key generation unit 14a encrypts the secret key dka (or secret key cka) used in encryption, based on the public key cryptography (for example, RSA) by using the users' public keys recorded in the memory unit 13a, generates multiple encrypted keys EK1a, EK2a, ..., EKna, and outputs these generated encrypted keys to the transmitting unit 16a.

Moreover, the encrypted key generation unit 14a requests the member list of the specific group from WWW server 3a when the members of said specific group want to share information only among themselves and register the secret key to be utilized among them. This request is transmitted through the transmitting unit 16a.
[0035] The affixed information generation unit 15a generates, for example, the message digest kmda of the secret key dka by using a hash function and outputs it to the transmitting unit 16a as the affixed information ajfa.
In addition, the affixed information may be an ID, user password, certificate, e-mail address, public key or order information which serves to specify the secret key that can be decrypted with the user's secret key, or a combination of these.
[0036] The transmitting unit 16a transmits one or more encrypted keys EK1a, EK2a, ..., EKna, the encrypted data M'a and the affixed information ajfa, which are generated with encryption of the inputted message Ma, to WWW server 3a, which works as the information storing device, through the network 4a. However, this transmitting operation is not done at the secret key registration.
[0037] The digital signature verification unit 17a receives the member list GLa of the public keys of the specific group, which is stored in WWW server 3a, through the network 4a, and verifies the digital signature of the team master. In the event that said verification is affirmative, it outputs the public key PK from the memory unit 13a to the public key administration unit 18a when the public key of a new user who wants to enter the specific group is to be added; when there is a withdrawing member, it deletes said member from the members recorded in the received member list; and, when the secret key is registered, it outputs the public key PKa corresponding to the public key ID list from the memory unit 13a to the encrypted key generation unit 14a.

[0038] When the public key of a user who wants to newly enter the group is added, the public key administration unit 18a, after receiving the specific public key PKa outputted from the memory unit 13a, generates the new member list, sets the public key number (No) and the member's public key in said member list, and outputs the new member list, with the group ID added, to the digital signature affixing unit 19a. Moreover, for example, when the member list of the specific group is needed, the request is made to WWW server 3a by the public key administration unit 18a.

[0039] The digital signature affixing unit 19a affixes the digital signature of the team master to the new member list generated by the public key administration unit 18a, transmits said list through the network 4a to WWW server 3a, i.e., the information storing device, and registers said list.

[0040] The decryption unit 20a retrieves the desired secret key number (No) and the encrypted key from the secret key list CKLa registered in WWW server 3a, decrypts the encrypted key to obtain the secret key based on the public key cryptography (for example, RSA) by using the user's private key pvka, and transmits said secret key to the encryption unit 11a.
Moreover, when data registered in WWW server 3a is decrypted, the decryption unit 20a transmits the data ID and the public key number (No) to WWW server 3a, obtains the encrypted key and data, decrypts the secret key by using the public key cryptography, and decrypts the data by using the secret key cryptography.
This decryption unit 20a comprises the encrypted key decryption unit 21a and the message decryption unit 22a as shown in Figure 3.

[0041] Moreover, in addition to the multiple encrypted keys, affixed data, and encrypted data stored in WWW server 3a, the decryption unit 20a obtains, for example, the algorithm identification information "desrsa" (for example, indicating encryption by using DES and RSA), i.e., the identification information which is used to identify the algorithms of the secret key cryptography and the public key cryptography, and the information "info" (for example, for initializing random numbers utilized in DES, etc.), i.e., information which is not mentioned above and is necessary to perform the encryption algorithm.
[0042] Then, the decryption unit 20a mentioned above initializes the algorithm so that it can be utilized for decryption, based on the algorithm identification information "desrsa" and the information "info".
[0043] WWW server 3a has the database management system (DBMS) 31a and the permission test unit 32a, which has a permission test function, as shown in Figure 4, and records and stores the group list GLa, the secret key list CKLa, the group secret key list GCKLa, the encrypted data list EDLa and the data secret key list DCKLa in the specific memory unit.
[0044] DBMS 31a has three information administration and storing functions, namely the member list administration unit 311a, the secret key administration unit 312a and the encrypted data administration unit 313a, as shown in Figure 5. These units confirm whether or not each manipulation, registration or data storing request satisfies the required privilege, by using the authentication unit.

[0045] When a member list changing request is made from the client side, the member list administration unit 311a accesses the member list GLa, responds to the member list manipulation request, and manipulates the member list GLa according to the request returned by the team master. Moreover, the member list administration unit 311a has a function for adding or deleting a whole group.

[0046] When the secret key registration is done, the secret key administration unit 312a accesses the secret key list CKLa and the group secret key list GCKLa, and registers the secret key.
When a secret key request is made by the client, the secret key administration unit 312a selects the optimum secret key for the information sharing in the specific group at that point (the newest key when the specific group has multiple secret keys which are updated at any time), and transmits it to the client. Moreover, when the secret key administration unit 312a receives, for example, the encrypted key and the group ID information concerning the secret key which is about to be registered, said secret key administration unit 312a classifies and stores them in each list. At this time, the secret key ID is generated.

[0047] Moreover, at the new registration of a member to the specific group, when each list is changed to allow the new member to read the information which was shared in the group before the registration of the new member, the member list administration unit 311a and the secret key administration unit 312a collaborate and perform the following processing.
[0048] In this case, the member list administration unit 311a confirms the authority and obtains the public key numbers (No) and public keys of the members in the specific group from the member list GLa by referring to the group ID.

[0049] The secret key administration unit 312a retrieves all the secret key numbers (No) used in the specific group from the group secret key list GCKLa by referring to the group ID. Then, the secret key administration unit 312a obtains all the encrypted keys wherein each secret key number (No) matches the team master's public key number (No), and transmits them to the client.

Then, the member list administration unit 311a and the secret key administration unit 312a modify the member list GLa, the secret key list CKLa and the group secret key list GCKLa, after receiving the encrypted keys, the member list, the public key number (No), and the secret key ID which are returned as the result of the processing, such as modification or encryption etc., on the client side.

Therefore, the newly added member can acquire the information shared in the past, since the public key of the member is included in the secret key list.
[0050] Moreover, in the case of the cancellation of a member from the specific group, when each list is modified in order to prevent the canceled member from reading the information shared in the group after the cancellation, the member list administration unit 311a and the secret key administration unit 312a collaborate and perform the following processing.

[0051] In this case, the member list administration unit 311a updates the member list. At the last reply, the member list administration unit 311a compares the new member list and the member list before the update, deduces the canceled member's public key number (No), and transmits the group ID and the canceled member's public key number (No) to the secret key administration unit 312a.

The secret key administration unit 312a retrieves all the secret key numbers (No) used in the specific group from the group secret key list GCKLa by referring to the group ID, and deletes from the secret key list CKLa all the encrypted keys wherein each secret key number (No) matches the canceled member's public key number (No).

[0052] In addition, at the DBMS 31a, the processes above are combined and performed when the addition and cancellation of members are performed simultaneously.

[0053] The encrypted data administration unit 313a accesses the group secret key list GCKLa, the secret key list CKLa, the data secret key list DCKLa and the encrypted data list EDLa, in collaboration with the secret key administration unit 312a, and transmits the member list, registers the encrypted data according to the client request, and generates the data ID. Moreover, when a decryption request is received, the encrypted data administration unit 313a refers to the data ID, the public key number (No), and the three lists above, and transmits the encrypted data and the encrypted key.
[0054] Next, the operation of the constitution above is explained as follows. For the case that the secret key is shared in the specified group, the following examples are explained in order with reference to Figure 6 to Figure 10: the registration example of the public key to said group, the registration example of the secret key, the example of the encryption and registration of data, the encryption example in the case that the users sharing the key are selected separately, and the data decryption example.
[0055] At first, for the case that the secret key is shared within the group, the registration example of public key IDs to the group is explained with reference to Figure 6. When a member wants to share information among the members of the specific group, the registration of the member's public key ID is done first.
[0056] In this case, the permission test of the authorities, i.e., access right etc., is done, and the member list request for the specific group is made from the client side (the station side), for example, from the public key administration unit 18a, to WWW server 3a (S61a).
[0057] According to the member list request, the public key ID list of the specific group is transmitted from WWW server 3a to the encryption/decryption unit 10a on the client side through the network 4a (S62a).
In the encryption/decryption unit 10a, the member list, i.e., the public key list, is inputted to the digital signature verification unit 17a, and the digital signature of the group administrator is verified here (S63a).
If the verification is positive, the public key is outputted from the memory unit 13a to the public key administration unit 18a when the public key of a new user who wants to enter the group is added, and the public key of the corresponding member is canceled from the members recorded in the received member list when there is a member who wants to withdraw (S64a).
In the public key administration unit 18a, after receiving the specified public key PK outputted from the memory unit 13a, the new member list is created (S65a). Then, the list is set with the public key numbers (No), the public keys of the members and the group ID, and is outputted to the digital signature affixing unit 19a.
[0058] In the digital signature affixing unit 19a, the digital signature of the group administrator is affixed to the new member list made in the public key administration unit 18a (S66a).

Then, for example, a member list update request is made from the digital signature affixing unit 19a to WWW server 3a, and the member list GLa is updated at WWW server by the member list administration unit 311a (S67a).
[0059] In addition, at the step S63a, if the digital signature verification is negative, the corresponding group administrator does not have the privilege to update or cancel etc., and therefore the processes from step S64a onward are not done.

[0060] Next, for the case that the secret key is shared within the group, the registration example of the secret key is explained with reference to Figure 7.

When only the members belonging to the specific group want to share information, the registration of the secret key used by said members is done. In this case, the permission test of authorities, i.e., access right etc., is done, and the member list request for the specific group is made from the client side (terminal side), i.e., for example, from the encrypted key generation unit 14a, to WWW server 3a (S71a).

[0061] In response to the member list request, the public key ID list of the specific group is transmitted from WWW server 3a to the encryption/decryption unit 10a through the network 4a (S72a).

In the encryption/decryption unit 10a, the member list, i.e., the public key list, is inputted to the digital signature verification unit 17a, and the digital signature of the group administrator is verified here (S73a).
[0062] If the verification is positive, the public key PK corresponding to the public key ID list is outputted from the memory unit 13a to the encrypted key generation unit 14a.

In the encrypted key generation unit 14a, the secret key Skey1a generated at the secret key generation unit 12a is encrypted, for example, based on the public key cryptography, by using the given public key. Then, as shown in Figure 7, one or more encrypted keys EKa are generated, with the public key number and the data for the secret key list including the member public key affixed, and are outputted to the transmitting unit 16a (S74a).
Then, at the transmitting unit 16a, the public key number and the secret key list data including the encrypted key, to which the secret key list data including the member public key is affixed, are transmitted to WWW server 3a through the network 4a, and stored at the specified location in the public key administration unit 312a as shown in Figure 7 (S75a).
In addition, the affixed information generated at the affixed information generation unit 15a may be included in the information transmitted from the transmitting unit 16a.

[0063] In addition, at the step S73a, if the digital signature verification is negative, the corresponding administrator has no privilege to register the secret key, and therefore the processes from step S74a onward are not done.
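
The registration flow of steps S71a to S75a, including the stop at S73a when the team master's signature on the member list does not verify, as an added Python illustration (not code from the patent). Textbook RSA over fixed small primes stands in for the digital signature and the public key cryptography; the function names, the "ZZ:99" entry and the key value are assumptions, and the toy RSA is not secure for real use.

```python
import hashlib
import json

E = 65537  # public exponent shared by all toy keys (assumption)


def toy_keypair(p, q):
    """Textbook RSA key from two fixed primes (toy stand-in, NOT secure)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return {"n": n, "d": d}


def digest(group_id, members, n):
    """Hash the canonical member list: group ID plus public key No -> modulus."""
    blob = json.dumps([group_id, sorted(members.items())]).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n


def sign_member_list(group_id, members, master):
    """Role of the digital signature affixing unit 19a (S66a)."""
    h = digest(group_id, members, master["n"])
    return pow(h, master["d"], master["n"])


def verify_member_list(gl, master_n):
    """Role of the digital signature verification unit 17a (S63a / S73a)."""
    expected = digest(gl["group_id"], gl["members"], master_n)
    return pow(gl["signature"], E, master_n) == expected


def register_secret_key(gl, master_n, secret_key):
    """S73a-S74a: encrypt the secret key once per listed public key, but only
    if the member list fetched from the server carries a valid signature."""
    if not verify_member_list(gl, master_n):
        return None  # processes from S74a onward are not done
    return {pk_no: pow(secret_key, E, n) for pk_no, n in gl["members"].items()}


def unwrap(encrypted_key, private):
    """Role of the decryption unit 20a: recover the secret key."""
    return pow(encrypted_key, private["d"], private["n"])


def demo():
    # Constructed keys; the primes are Mersenne primes chosen for brevity.
    master = toy_keypair(2**89 - 1, 2**127 - 1)
    member = toy_keypair(2**61 - 1, 2**107 - 1)
    outsider = toy_keypair(2**107 - 1, 2**127 - 1)

    members = {"11:AA": master["n"], "L2:CA": member["n"]}
    gl = {"group_id": "B team", "members": members,
          "signature": sign_member_list("B team", members, master)}
    dka = 0x0123456789ABCDEF  # constructed 64-bit secret key

    wrapped = register_secret_key(gl, master["n"], dka)

    # Member list altered in storage: one more public key, signature untouched.
    altered = {**gl, "members": {**members, "ZZ:99": outsider["n"]}}
    rejected = register_secret_key(altered, master["n"], dka)

    return wrapped, rejected, unwrap(wrapped["L2:CA"], member)


if __name__ == "__main__":
    wrapped, rejected, recovered = demo()
    print(sorted(wrapped), rejected, hex(recovered))
```

Because the client checks the signature against the team master's public key it already holds, a member list changed on the storing device never results in an encrypted key for the extra entry.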

[0064] Next, for the case that the secret key is shared within the group, the encryption of data is explained with reference to Figure 8.

In this case, after verification of the privilege of access right etc., the secret key request for the specific group, in detail the request with the group ID and the user public key ID (for example, No. IC:FF), is made from the client side (the station side), i.e., for example, from the encryption unit 11a, to WWW server 3a (S81a).
[0065] In response to the group list request, the secret key of the specific group, i.e., for example, 122, and the encrypted key of the specific group, i.e., for example, zxcv, are transmitted to the encryption/decryption device 10a on the client side (S82a).
[0066] In the encryption/decryption device 10a, the secret key number (122) and the encrypted key (zxcv) are obtained at the decryption unit 20a, and the secret key Skey2a is obtained by decrypting the encrypted key with the user's private key pvka, based on the public key cryptography. Then, the obtained number and said secret key Skey2a are outputted to the encryption unit 11a (S83a, S84a).
[0067] In the encryption unit 11a, the input message Ma ("Hello") is inputted, this input message Ma is encrypted based on the secret key cryptography (for example, DES) by using the secret key Skey2a, and the encrypted data M'a (for example, jjjjjj), to which the secret key number (122) is affixed, is generated and outputted to the transmitting unit 16a (S85a).
Then, at the transmitting unit 16a, the encrypted data M'a (for example, jjjjjj) to which the secret key number (122) is affixed is transmitted to WWW server 3a through the network 4a, and is stored at the predetermined location by the encrypted data administration unit 313a as shown in Figure 8 (S86a).

[0068] Next, for the case of sharing the secret key with separately selected users, the encryption of data is explained with reference to Figure 9.

In this case, the input message Ma ("Hello") is inputted to the encryption unit 11a of the encryption device 10a. Then, the secret key Skey1a is generated at the secret key generation unit 12a (S91a), and this secret key Skey1a is transferred to the encryption unit 12a and the encrypted key generation unit 14a (S92a, S93a).
[0069] At the encryption unit 11a, the input message Ma is encrypted based on the secret key cryptography DES by using the secret key Skey1a, and the encrypted data M'a (for example, "jjjjjj"), to which the secret key number (for example, "124") is affixed, is generated and outputted to the transmitting unit 16a.
[0070] Moreover, the public keys PKa, based on the public key cryptography (for example, RSA), of users A, B and C are read from the memory unit 13a at the encrypted key generation unit 14a.
At the encrypted key generation unit 14a, the secret key Skey1a is encrypted based on the public key cryptography by using each public key. Then, for example, the encrypted keys (olkj, Oiwi, Xknm) are obtained, and the data including the public key numbers ("11:AA", 21C:FF","2E5:4B") are outputted to the transmitting unit 16a (S94a).

[0071] Then, in the transmitting unit 16a, the data which includes the encrypted data M'a (for example, "jjjjjj") to which the secret key number (for example, "124") is affixed, the encrypted keys ("olkj", "Oiwi", "Xknm") and the public key numbers is transmitted to WWW server 3a through the network 4a and stored at the specified location shown in Figure 9 (S95a).

[0072] Next, the case of acquiring the data stored in WWW server 3a is explained with reference to Figure 10.
In this case, for example, the data ID (for example, "4444") and the public key ID are transmitted to WWW server 3a from the decryption unit 20a (S101a).
At WWW server 3a, the encrypted data (for example, "jjjjjj") and the encrypted key zxcv corresponding to this data are read from the established location in the encrypted data administration unit 313a, by using the received data ID and the secret key number (for example, "122") based on this data ID, and are transmitted to the client side through the network 4a (S102a).
[0073] In the decryption unit 20a, the secret key is decrypted as Skey2a by using the secret key corresponding to the public key ID, based on the public key cryptography (S103a).

Then, by using this secret key Skey2a, the data is decrypted as "Hello" based on the secret key cryptography (S104a).

[0074] Next, the operation at WWW server 3a is explained for the following two cases. One case is that, at the registration of a new member to the specific group, each list is manipulated so that the new member can read the information shared in the specific group before the registration. The other case is that, at the cancellation of a member from the specific group, each list is manipulated to prevent the canceled member from reading the information shared in the specific group after the cancellation.

[0075] At first, the former case is explained, i.e., the case that, at the registration of a new member to the specific group, each list is modified so that the new member can read the information shared in the specific group before the registration.

[0076] In this case, at WWW server 3a, while the privilege is confirmed by the group administration unit 311a, the public key numbers (No) and the public keys of the members belonging to the specific group (for example, B team) are obtained from the member list GLa by referring to the group ID.

Then, at the secret key administration unit 312a, the group ID is looked up in the group secret key list GCKLa and all the secret key numbers (for example, 52, 111, 123) used in the specific group (for example, B team) are retrieved.

Moreover, at the secret key administration unit 312a, all the encrypted keys (for example, qwer, phea, gobp) wherein each secret key number (for example, 52, 111, 123) matches the public key number of the group administrator (for example, 11:AA) are obtained from the secret key list CKLa and are transmitted to the client of the team master.

[0077] In the encryption/decryption device 10a of the team master, the member list and the secret keys (for example, Skey100a, Skey105a, Skey80a) resulting from decrypting all of the encrypted keys are obtained.
As shown in Figure 6, after the member list is manipulated, these secret keys are encrypted by using the public key of the newly registered member (for example, xhen, mxco, henc).

Then, these encrypted keys, member lists, public key numbers (for example, L2:CA) and secret keys are outputted to WWW server 3a.

[0078] In the member list administration unit 311a and the secret key administration unit 312a, the member list GLa, the secret key list CKLa and the group secret key list (GSKLa) are modified, after receiving the encrypted keys, the group lists, the public key numbers (No) and the secret key ID which are returned as a result of the modification and encryption etc. on the client side.
In this way, the newly added member can obtain the information shared in the past, since the member's own public key is included in the secret key list.

[0079] Next, the manipulation of each list when a member is canceled from the specific group, in order to prevent the canceled member from reading the information shared in the group after the cancellation, is explained.
[0080] In this case, at the member list administration unit 311a in WWW server 3a, the member list is modified. At this time, at the last reply, the new member list is compared with the member list before modification, and the canceled public key number (No) is deduced. Then, the group ID and the public key number (No) of the canceled member are transmitted to the secret key administration unit 312a.
At the secret key administration unit 312a, by using the group secret key list GCKLa, all the secret key numbers (for example, 38, 444, 133) which are used in the specific group (for example, B team) are retrieved by referring to the group ID.

Next, at the secret key administration unit 312a, all the encrypted keys wherein each secret key number (for example, 38, 444, 133) matches the public key number of the canceled member (for example, LL:BB) are deleted from the secret key list CKLa.

[0081] In addition, at WWW server 3a, in detail at DBMS 31a, when the addition and cancellation of members are done simultaneously, the combination of the methods above is performed.
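
The list handling of paragraphs [0076] to [0081] on the server side, covering registration, cancellation and both at once, as an added Python sketch (not code from the patent). The class and method names, the data ID "9001" and the encrypted keys shown for LL:BB are constructed, and the permission test and signature check are assumed to have passed already.

```python
class KeyServer:
    """Holds only encrypted keys and encrypted data, never a plain secret key."""

    def __init__(self):
        self.gl = {}    # member list GLa: group ID -> set of public key Nos
        self.gckl = {}  # group secret key list GCKLa: group ID -> secret key Nos
        self.ckl = {}   # secret key list CKLa: (secret key No, public key No) -> encrypted key
        self.dckl = {}  # data secret key list DCKLa: data ID -> secret key No
        self.edl = {}   # encrypted data list EDLa: data ID -> encrypted data

    def register_key(self, group_id, key_no, encrypted_keys):
        """Store one secret key, encrypted once per member public key No."""
        self.gckl.setdefault(group_id, []).append(key_no)
        for pk_no, ek in encrypted_keys.items():
            self.ckl[(key_no, pk_no)] = ek

    def store_data(self, data_id, key_no, encrypted_data):
        self.dckl[data_id] = key_no
        self.edl[data_id] = encrypted_data

    def keys_wrapped_for(self, group_id, pk_no):
        """[0076]: every encrypted key of the group that pk_no can decrypt."""
        return {k: self.ckl[(k, pk_no)] for k in self.gckl.get(group_id, [])
                if (k, pk_no) in self.ckl}

    def update_member_list(self, group_id, new_members, rewrapped=None):
        """Apply the member list returned by the team master's client.

        rewrapped maps each new public key No to {secret key No: encrypted key}.
        Returns the public key Nos deduced as canceled.
        """
        old = self.gl.get(group_id, set())
        new = set(new_members)
        group_keys = self.gckl.get(group_id, [])
        # [0080]: compare old and new list, delete the canceled member's entries
        for pk_no in old - new:
            for key_no in group_keys:
                self.ckl.pop((key_no, pk_no), None)
        # [0078]: file the keys that the client re-encrypted for new members
        for pk_no, keys in (rewrapped or {}).items():
            if pk_no in new - old:
                for key_no, ek in keys.items():
                    if key_no in group_keys:
                        self.ckl[(key_no, pk_no)] = ek
        self.gl[group_id] = new
        return sorted(old - new)

    def fetch(self, data_id, pk_no):
        """Decryption request: data ID and public key No -> (data, encrypted key)."""
        if data_id not in self.edl:
            return None
        ek = self.ckl.get((self.dckl[data_id], pk_no))
        return (self.edl[data_id], ek) if ek is not None else None


def demo():
    srv = KeyServer()
    srv.gl["B team"] = {"11:AA", "LL:BB"}
    # Group keys 52, 111, 123 with the page's sample values for the team master
    # (11:AA); the entries for LL:BB are constructed.
    for key_no, ek_master, ek_bb in [(52, "qwer", "k52b"),
                                     (111, "phea", "k111b"),
                                     (123, "gobp", "k123b")]:
        srv.register_key("B team", key_no, {"11:AA": ek_master, "LL:BB": ek_bb})
    srv.store_data("9001", 123, "jjjjjj")

    for_master = srv.keys_wrapped_for("B team", "11:AA")
    # The master's client decrypts these, re-encrypts them for L2:CA and
    # returns a signed list without LL:BB: addition and cancellation together.
    removed = srv.update_member_list(
        "B team", {"11:AA", "L2:CA"},
        {"L2:CA": {52: "xhen", 111: "mxco", 123: "henc"}})
    return srv, for_master, removed


if __name__ == "__main__":
    srv, for_master, removed = demo()
    print(for_master, removed, srv.fetch("9001", "L2:CA"), srv.fetch("9001", "LL:BB"))
```

Deleting the CKLa entries stops the server from handing encrypted keys to the canceled member; it does not change a secret key that member had already decrypted.
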
[0082] As explained above, according to the example of this invention, the information sharing system of this invention comprises:

WWW server 3a, which can be accessed by at least multiple members, and can store at least the signature of the team master, the member list including the members' public key information, the secret key list including encrypted key information, and the encrypted data; and

the encryption/decryption device 10a, which comprises:

the memory unit 13a which memorizes the public key of at least one member who is permitted to view information;

the encryption unit 11a which encrypts the input information to generate the encrypted data, based on the secret key cryptography by using the secret key for encrypting information;
the encrypted key generation unit 14a which encrypts the secret key used for encryption to generate an encrypted key by using the public key memorized and specified in said storing unit;
the transmitting unit 16a which transmits the multiple encrypted keys and encrypted data to WWW server and stores them there;

the list administration unit 17a, 18a, 19a which retrieves the member list from WWW server, judges whether or not the signature of the group administrator of said member list matches the specific signature, performs additional registration of a member public key or cancellation of a member public key only in the event that said signature matches, and, in the event of additional registration or cancellation, creates the new member list including at least the signature of the team master and public key information of members, and transmits the created member list to said information storing device; and
the decryption unit 20a for obtaining desired encrypted key information and encrypted data from WWW server, decrypting said secret key from this encrypted key information, and decrypting the acquired encrypted data with the decrypted secret key.

[0083] Since said WWW server 3a and said encryption/decryption device 10a mentioned above are connected via the Internet, it is possible to share the secret key in the group, and there is no possibility of the information being seen by the team master who manages the database storing the encrypted data, the server or the file system.
Therefore, it is possible to prevent peeping at and tampering with information by administrators of the information storing device, such as a server, who have no privilege.
[0084] Moreover, according to the examples of this invention, in this information sharing system, WWW server 3a, as the information storing device, comprises:

the member list administration unit 311a which, when a member list manipulation is requested from a client side, can access the member list GLa, reply to the request for member manipulation, and manipulate the member list GLa according to the request returned from an administrator;
the secret key administration unit 312a which, when the secret key is requested by the client, selects the most suitable key for information sharing at that time for the specific group, and transmits it to the client; and

the encrypted data administration unit 313a which accesses the group secret key list GCKLa, the secret key list CKLa, the data secret key list DCKLa and the encrypted data list EDLa, sends the member list and registers the encrypted data following the client request, can create the data ID, and, in the event of receiving a decryption request, returns the encrypted data and the encrypted key by referring to the data ID, the public key number (No) and said 3 lists.

[0085] Since these units are built into WWW server 3a, it is possible to prevent peeping at and tampering with information by administrators of the information storing device, such as a server, who have no privilege. Therefore, data administration can be done reliably.
[0086] In addition, programs for executing the proc- 
ess on the encryption/decryption device 1 0oc, processes 
such as creation, registration and cancellation of group 
lists, creation and registration of secret keys, encryption 
of data by using a registered secret key, and decryption 
process of data registered in a server 3a, or programs 
for manipulation, registration and storing of lists on a 
server 3a, are memorized in record media that are built 
in the encryption device 10a or the server. These pro- 
grams in record media such as floppy desks, hard 
desks, optical disks and semiconductor memories, are 
read out by 1st and 2nd terminals (computers) 1a and 
2a and are executed. 

[0087] Moreover, as other example, when data is 
transmitted in the communication program (for example, 
a dedicated line of internet or a telephone line), it is said 
that data transmittance which holds this communication 
program in a fixed time. 

[0088] Moreover, the information storing device and the
encryption/decryption device 10a of this invention may comprise
a transmission/reception notification unit (not shown in the
figures) that, when information or data is transmitted from a
sender side to a recipient side, executes the transmission
notification, which announces said transmission to the
reception side, and the receipt notification, which announces
said reception to the transmission side.

[0089] By using the transmission/reception notification unit
above, the recipient can, at reception time, transmit a
received message that reliably confirms reception to the
sender, to an information communication device, or to an
information storing device through which the information is
relayed. The information in these messages includes the full
content of the information transmitted from the sender (or a
part of it), an abstract, the information that specifies the
sender, the information that specifies the recipient, the
storing place from which the information was acquired (for
example, URL address, directory etc.) and the time and date of
information acquirement etc.

[0090] In detail, at the information storing device 313a in
Figure 5, the function of the transmission/reception
notification unit is provided in the encrypted data
administration unit 313a. Moreover, at the
encryption/decryption device, the sending or receiving message
is built from the information included in the messages above,
which is used at encryption or obtained at decryption, and is
then transmitted. As the transmission method, external
communication facilities, such as a mail protocol connected to
the terminals or the HTTP protocol built into a browser etc.,
can be used as a substitute.

[0091] The structure above is adopted so that, when highly
confidential information (for example, an agreement etc.) is
transmitted, the sender or the recipient can confirm that the
transmission is reliably performed. At transmission time
(encryption time), the sender can use the
transmission/reception notification unit to transmit a
transmission message stating that the transmission is reliably
performed to the recipient, the information relay device or
the information storing device. For example, when the
information is transmitted by HTTP communication, transmitting
the message using another protocol such as SMTP etc. lets both
the sender and the recipient confirm the existence of the
communication, and the safety of the communication increases.

[0092] As mentioned above, the 1st Example of this invention
makes it possible to share the secret key within the group, and
the content of the information cannot be seen by the group
administrator who is in charge of the database storing the
encrypted data, the server and the file system.

Example 2 

[0093] The 2nd Example of this invention concerns, for example,
an information tamper detection device used to detect
tampering with information transmitted through a network, and
a computer-readable record medium in which the tampering
detection program is installed.

[0094] The following techniques are previously known in
connection with Example 2 of this invention.
As a technology to detect information tampering (hereinafter,
information tampering detection technology), digital signature
technology has been put to practical use in information tamper
detection devices. As general examples of digital signature
technology, the Digital Signature Algorithm, and a system
combining public key cryptography (for example, the RSA system)
with a Hash function (for example, MD2), are known.

[0095] Figure 17 explains the operating principle of the
conventional information tamper detection device mentioned
above. The information tamper detection device in Figure 17
consists roughly of the sending terminal 1β established on the
sender side and the receiving terminal 6β established on the
recipient side, which is connected with said sending terminal
1β through a network not drawn in this figure (for example, the
internet etc.). In this information tamper detection device, a
public key and a private key are used for encryption and
decryption. The public key and the private key are related in
such a way that it is possible to obtain the public key from
the private key by calculation but, on the other hand,
impossible to obtain the private key from the public key.

[0096] In the construction mentioned above, the sending
terminal 1β encrypts the plain text 2β that is to be sent to
the receiving terminal 6β at Step SA1β. In detail, the sending
terminal 1β creates the cipher text 3β from the plain text 2β
by using the public key of the recipient (the receiving
terminal 6β). Next, at Step SA2β, the sending terminal 1β
creates MDβ (the message digest) 4aβ by digesting the plain
text 2β with a Hash function.

[0097] Here, a Hash function is a function for which it is
computationally infeasible to find two arbitrary different
inputs that have the same output value. It is a one-way
function that creates, from a long message, relatively short,
fixed-length digested data as a Hash code, for use as a part of
the mechanism of a digital signature etc.

[0098] Next, at Step SA3β, the sending terminal 1β creates the
message authentication code 5β from MDβ4aβ by using the private
key of the sender (the sending terminal 1β). This message
authentication code 5β is the digital signature applied to the
plain text 2β from which the cipher text 3β originates.

[0099] In this case, the digital signature is made through two
processes: the 1st process, in which the message digest is
made, and the 2nd process, in which said message digest is
encrypted with the private key. Besides the above, the digital
signature also includes the case in which the private key is
used to encrypt the message that has not been digested, or the
combination of the message digest and said message.

[0100] Then, the sending terminal 1β sends the cipher text 3β
and the message authentication code 5β mentioned above to the
receiving terminal 6β through the network. After receiving the
cipher text 3β and the message authentication code 5β, the
receiving terminal 6β first decrypts the cipher text 3β by
using the private key of the receiver (the receiving terminal
6β) and creates the plain text 2β at Step SA4β. Then, at Step
SA5β, the receiving terminal 6β creates MDβ4bβ by digesting the
decrypted plain text 2β with the Hash function.

[0101] Moreover, at Step SA6β, the receiving terminal 6β
decrypts the received message authentication code 5β by using
the public key of the sender (the sending terminal 1β) to make
MDβ4cβ.

Then, at Step SA7β, the receiving terminal 6β detects whether
or not the transmitted information (the cipher text 3β and the
message authentication code 5β) was tampered with by comparing
MDβ4bβ and MDβ4cβ. When MDβ4bβ matches MDβ4cβ, the transmitted
message was not tampered with. On the other hand, when MDβ4bβ
does not match MDβ4cβ, tampering was done.

[0102] As shown in Figure 17, in the conventional information
tamper detection device, the receiving terminal 6β that has the
privilege to decrypt the received cipher text 3β can detect
whether or not tampering was done during transmission from the
result of comparing MDβ4bβ and MDβ4cβ.

[0103] However, as shown in Figure 18, the conventional
information tamper detection device has the fault that a
receiving terminal 6β which does not have the privilege to
decrypt the received cipher text 3β, in other words, which does
not have the recipient's private key, cannot execute tamper
detection on the transmitted information, since it cannot
create the plain text 2β and MDβ4bβ.

[0104] Therefore, in the conventional information tamper
detection device, when the receiving terminal 6β further
transmits the information to another terminal (not
illustrated), said terminal cannot detect when and where the
tampering was done, even if said terminal has the privilege to
decrypt the cipher text 3β. Moreover, in the conventional
information tamper detection device, when the sending terminal
1β that first transmits the information transmits a digital
signature which is not the message authentication code 5β (the
digital signature) made from the original plain text 2β, the
receiving terminal mentioned above cannot detect tampering.
That is, when important transmitted information is tampered
with, it is important to specify the terminal (place) where the
tampering was done and when it was done. However, such
detection and specification are difficult in the conventional
method.

[0105] This invention has been made against the background
mentioned above and aims to offer an information tamper
detection device in which information tampering can be detected
even if the receiving terminal does not have the privilege to
decrypt the received information, and a computer-readable
record medium on which the tampering detection program is
recorded.

[0106] Example 2 of this invention is explained below with
reference to the figures. Figure 11 shows the operating
principle of the information tamper detection device of
Example 2 of this invention. The information tamper detection
device in this figure consists roughly of the terminal 100β
established on the sender side and the terminal 200β, which is
connected with said terminal 100β through the network Nβ, such
as the internet etc.

[0107] In the construction mentioned above, at Step SB1β the
terminal 100β digests the transmitted message 11β with a Hash
function to make the transmitted message MDβ (Message Digest)
12aβ. This transmitted message MDβ12aβ is used to verify
whether or not the contents transmitted by the sender and the
contents received by the recipient match, as described later.
Next, the terminal 100β sends (transmits) the transmitted
message 11β mentioned above to the terminal 200β through the
network Nβ.

[0108] After receiving the transmitted message 11β, the
terminal 200β digests the transmitted message 11β with the Hash
function to create the transmitted message MDβ12bβ at Step
SB2β. At this time, when the transmitted message 11β was not
tampered with, the transmitted message MDβ12bβ mentioned above
and the transmitted message MDβ12aβ match. On the other hand,
when tampering was done, the transmitted message MDβ12bβ
mentioned above and the transmitted message MDβ12aβ are
different.

[0109] Then, at Step SB3β, the terminal 200β encrypts the
transmitted message MDβ12bβ by using the recipient's private
key to make the received content confirmation data 13β. This
received content confirmation data 13β is the message in which
the recipient (the terminal 200β) has applied a digital
signature to the transmitted message MDβ12bβ, and it verifies
that the recipient (the terminal 200β) received the transmitted
content (the transmitted message 11β).
In this case, the digital signature is made through two
processes, message digesting and message encrypting.

Moreover, besides the two processes mentioned above, the
digital signature also includes the case in which the secret
key is used to encrypt the message that has not been digested,
or the combination of the message digest and said message.
In conclusion, the digital signature is a signature made by
encrypting a certain message with the secret key, regardless of
whether it is digested or not.
Next, the terminal 200β sends the received content confirmation
data 13β mentioned above to the terminal 100β through the
network Nβ.

[0110] After receiving the received content confirmation data
13β mentioned above, the terminal 100β encrypts said received
content confirmation data 13β by using the public key of the
recipient (the terminal 200β) to make the transmitted message
MDβ12cβ at Step SB4β. Next, at Step SB5β, the terminal 100β
verifies whether or not tampering was done by comparing the
transmitted message MDβ12aβ and the transmitted message
MDβ12cβ. In detail, the terminal 100β concludes that the
message was not tampered with when the transmitted message
MDβ12aβ and the transmitted message MDβ12cβ match. On the other
hand, the terminal 100β concludes that it was tampered with
when the transmitted message MDβ12aβ and the transmitted
message MDβ12cβ are different.

[0111] Next, at Step SB6β, the terminal 100β encrypts the
received content confirmation data 13β by using the private key
of the sender (the terminal 100β) to make the sent content
confirmation data 14β. This sent content confirmation data 14β
is the message in which the sender (the terminal 100β) has
applied a digital signature to the received content
confirmation data 13β, and it is the message that verifies that
the sender (the terminal 100β) sent the transmitted content
(the transmitted message 11β) which was received by the
recipient (the terminal 200β). Moreover, the sent content
confirmation data 14β is the message that verifies that the
recipient (the terminal 200β) can store the transmitted
contents (the transmitted message 11β).
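
The exchange of Steps SB1β to SB6β above, written out as an added Python example that is not part of the original specification; it also signs the sender, recipient and session information together with the digest, as the specification's composed confirmation data does. The toy RSA keys built from Mersenne primes, SHA-256, the JSON composition, all field names and the sample values are assumptions made for illustration, and the final comparison of 14β against the recipient's own 13β is likewise an assumption.

```python
import hashlib
import json

def make_key(p_exp, q_exp, e=65537):
    """Toy RSA key from two Mersenne primes. Constructed so the example runs
    on the standard library only; such keys are insecure by design."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    """Public half of a key, the only part the other terminal holds."""
    return {"n": key["n"], "e": key["e"]}

SENDER_KEY = make_key(521, 607)        # terminal 100β (assumed key)
RECIPIENT_KEY = make_key(1279, 2203)   # terminal 200β (assumed key)

# Constructed sender/recipient/session information (hypothetical values).
SAMPLE_INFO = {
    "sender": {"name": "terminal-100", "public_key_id": "k-100"},
    "recipient": {"name": "terminal-200", "public_key_id": "k-200"},
    "session": {"id": "s-0001", "protocol": "HTTP"},
}

def md_hex(data: bytes) -> str:
    """Message digest (the Hash function of the text; SHA-256 assumed)."""
    return hashlib.sha256(data).hexdigest()

def compose(fields: dict) -> bytes:
    """Canonical byte form of composed information, so both sides hash alike."""
    return json.dumps(fields, sort_keys=True).encode()

def sign(key, data: bytes) -> int:
    """Digest the data, then 'encrypt the digest with the private key'."""
    return pow(int(md_hex(data), 16), key["d"], key["n"])

def signature_ok(pub, data: bytes, sig) -> bool:
    """'Decrypt with the public key' and compare with a freshly made digest."""
    if not isinstance(sig, int) or not 0 <= sig < pub["n"]:
        return False
    return pow(sig, pub["e"], pub["n"]) == int(md_hex(data), 16)

def make_receipt(received: bytes, info: dict, recipient_key) -> dict:
    """Terminal 200β: received content confirmation data 13β (SB2β, SB3β)."""
    body = {"md": md_hex(received), **info}          # MDβ12bβ plus information
    return {**body, "sig": sign(recipient_key, compose(body))}

def verify_receipt(receipt: dict, sent: bytes, info: dict, recipient_pub) -> str:
    """Terminal 100β: check the signature, then compare item by item (SB4β, SB5β)."""
    body = {k: v for k, v in receipt.items() if k != "sig"}
    if not signature_ok(recipient_pub, compose(body), receipt.get("sig")):
        return "bad-signature"                       # not signed by the recipient
    expected = {"md": md_hex(sent), **info}          # MDβ12aβ plus information
    mismatched = sorted(k for k in expected if body.get(k) != expected[k])
    return "ok" if not mismatched else "mismatch:" + ",".join(mismatched)

def make_sent_confirmation(receipt: dict, ack: dict, sender_key) -> dict:
    """Terminal 100β: sent content confirmation data 14β (SB6β)."""
    body = {"receipt": receipt, "ack": ack}
    return {**body, "sig": sign(sender_key, compose(body))}

def verify_sent_confirmation(conf: dict, own_receipt: dict, sender_pub) -> bool:
    """Terminal 200β: 14β must be signed by the sender and wrap our own 13β."""
    body = {"receipt": conf.get("receipt"), "ack": conf.get("ack")}
    return (signature_ok(sender_pub, compose(body), conf.get("sig"))
            and body["receipt"] == own_receipt)

def run_exchange(sent: bytes, received: bytes):
    """One full round; `received` differs from `sent` if altered in transit."""
    receipt = make_receipt(received, SAMPLE_INFO, RECIPIENT_KEY)
    verdict = verify_receipt(receipt, sent, SAMPLE_INFO, public(RECIPIENT_KEY))
    if verdict != "ok":
        return verdict, None                         # sender refuses to countersign
    ack = {"by": "terminal-100", "acknowledged": True}   # constructed
    conf = make_sent_confirmation(receipt, ack, SENDER_KEY)
    return verdict, verify_sent_confirmation(conf, receipt, public(SENDER_KEY))

if __name__ == "__main__":
    print(run_exchange(b"agreement v1", b"agreement v1"))
    print(run_exchange(b"agreement v1", b"agreement v2"))
```

The sender-side check distinguishes a message altered in transit (a digest mismatch under a valid recipient signature) from a confirmation that was altered or signed with another key (a signature failure).
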
[0112] Figure 12 shows a block diagram of the detailed
construction of the information tampering detection device in
one embodiment of this invention. In this figure, parts
corresponding to those in Figure 11 are given the same codes.
In the terminal 100β in Figure 12, 101β is the message
transmitting unit, which sends the transmitted message 11β to
the terminal 200β through the network Nβ. 102β is the message
receiving unit, which receives the received content
confirmation data 13β (shown in Figure 11) sent from the
terminal 200β through the network Nβ.

[0113] 103β is the received contents confirmation data
verification unit, which performs the processing of Steps
SB1β, SB4β and SB5β in Figure 11 and consists of the message
digest creation unit 103aβ, the sender/session/receiver
information retrieving unit 103bβ and the digital signature
verification unit 103cβ. In the received contents confirmation
data verification unit 103β, the message digest creation unit
103aβ performs the processing of Step SB1β in Figure 11 and
digests the transmitted message 11β with the Hash function to
create the transmitted message MDβ12aβ. The
sender/session/receiver information retrieving unit 103bβ
retrieves each item of information, i.e., the sender
information, the session information and the recipient
information, from the transmitted message 11β and the received
contents confirmation data 13β.

[0114] In this case, the sender information is the information
about the sender (the terminal 100β) and includes the sender
name, ID, public key ID, the mail address and the digital
certificate issued by a reliable third-party organization, etc.
The session information is the information about the
transmission between the terminal 100β and the terminal 200β
and includes the transmitting time, receiving time,
transmitting method and transmitting ID etc. The recipient
information is the information about the recipient (the
terminal 200β) and includes the recipient name, ID, the public
key ID, the mail address and the digital certificate issued by
a reliable third-party organization, etc.

The digital signature verification unit 103cβ in Figure 12
confirms that the digital signature of the received contents
confirmation data 13β (shown in Figure 11) was really signed by
the recipient (the terminal 200β).
[0115] 104β is the sent contents confirmation data creation
unit, which performs the processing of Step SB6β etc. in
Figure 11 and consists of the message digest creation unit
104aβ, the sender/session/receiver information retrieving unit
104bβ and the digital signature verification unit 104cβ. This
sent contents confirmation data creation unit 104β creates the
sent contents confirmation data 14β based on the received
contents confirmation data 13β.

[0116] In this sent contents confirmation data creation unit
104β, the message digest creation unit 104aβ creates the
message digest from the received contents confirmation data
13β. The sender/session/receiver information receiving unit
104bβ retrieves the sender information, the session information
and the recipient information from the received contents
confirmation data 13β in the same way as the
sender/session/receiver information retrieving unit 103bβ
mentioned above. The digital signature addition unit 104cβ adds
the digital signature to the received contents confirmation
data 13β by encrypting the received contents confirmation data
13β with the secret key of the sender (the terminal 100β).

105β is the message transmitting unit, which sends the sent
contents confirmation data 14β to the terminal 200β through the
network Nβ.

[0117] On the other hand, in the terminal 200β, 201β is the
message receiving unit, which receives the transmitted message
11β sent from the terminal 100β through the network Nβ. 202β is
the received contents confirmation data creation unit, which
performs the processing of Steps SB2β and SB3β in Figure 11 and
consists of the message digest creation unit 202aβ, the
sender/session/receiver information retrieving unit 202bβ and
the digital signature verification unit 202cβ. This received
contents confirmation data creation unit 202β creates the
received contents confirmation data 13β based on the
transmitted message 11β.

[0118] In this received contents confirmation creation unit
202β, the message digest creation unit 202aβ digests the
transmitted message 11β with the Hash function to make the
transmitted message MDβ12bβ (shown in Figure 11). Like the
sender/session/receiver information retrieving unit 103bβ
mentioned above, the sender/session/receiver information
retrieving unit 202bβ retrieves the sender information, the
session information and the recipient information about the
transmitted message 11β. The digital signature addition unit
202cβ adds the digital signature to the transmitted message
MDβ12bβ by encrypting the transmitted message MDβ12bβ (shown in
Figure 11) with the secret key of the recipient (the terminal
200β). Here, the transmitted message MDβ12bβ with this
signature added is the received contents confirmation data 13β.
[0119] Moreover, 205β is the sent contents confirmation data
verification unit, which verifies the contents of the sent
contents confirmation data 14β sent from the terminal 100β,
based on the transmitted message 11β, and consists of the
message digest creation retrieving unit 205aβ, the
sender/session/receiver information retrieving unit 205bβ and
the digital signature verification unit 205cβ. In this sent
contents confirmation data verification unit 205β, the message
digest creation retrieving unit 205aβ has two functions:
creating the message digest mentioned above, and retrieving the
transmitted message MDβ12bβ (shown in Figure 11) already
created by the message digest creation unit 202aβ in the
received contents confirmation data creation unit 202β. When
the transmitted message MDβ12bβ is retrieved, the message
digest creation retrieving unit 205bβ does not create the
message digest. The sender/session/receiver information
retrieving unit 205bβ retrieves the sender information, session
information and receiver information in the same way as the
sender/session/receiver information retrieving unit 103bβ
mentioned above. The digital signature verification unit 205cβ
verifies the digital signature on the received contents
confirmation data 13β by using the public key of the sender
(the terminal 100β).
[0120] Next, the processing of the information tampering
detection device in this Example mentioned above is explained
with reference to the flow charts in Figure 13 to Figure 16.
Figure 13 shows the flow chart explaining the processing of the
received contents confirmation data verification unit 103β in
Figure 12, and Figure 14 shows the flow chart explaining the
processing of the sent contents confirmation data creation unit
104β. Moreover, Figure 15 shows the flow chart explaining the
processing of the received contents confirmation data creation
unit 202β in Figure 12, and Figure 16 shows the flow chart
explaining the processing of the sent contents confirmation
data verification unit 205β.

[0121] In Figure 12, when the transmitted message 11β in the
terminal 100β is sent from the message transmitting unit 101β
to the terminal 200β through the network Nβ, said transmitted
message 11β is received by the message receiving unit 201β in
the terminal 200β. The received contents confirmation data
creation unit 202β then creates the received contents
confirmation data 13β according to the flow chart in Figure 15.

[0122] In detail, at Step SE1β in Figure 15, the received
contents confirmation data creation unit 202β inputs the
received contents (the transmitted message 11β). Then, at Step
SE2β, the message digest creation unit 202β digests the
received contents (the transmitted message 11β) with the Hash
function to create the message digest (the transmitted message
MDβ12bβ in Figure 11). In addition, in the example in Figure
15, processing may also progress from Step SE1β to Step SE6β
without the processing of Step SE2β.

[0123] Moreover, at Step SE3β to Step SE5β, the received
contents confirmation data creation unit 202β retrieves the
sender information (sender's name, ID, the public key ID, the
mail address and the digital certificate etc.), the recipient
information (recipient's name, ID, the public key ID, the mail
address and the digital certificate etc.) and the session
information (sending time, receiving time, protocol and the
session ID etc.) from the transmitted message 11β.

[0124] Then, at Step SE6β, the sender/session/receiver
information retrieving unit 202bβ retrieves the sender
information, recipient information and session information that
were input at Steps SE3β to SE5β, and the received contents
confirmation data creation unit 202β composes the received
contents (the transmitted message 11β) mentioned above, the
transmitted message MDβ12bβ and each item of the sender
information, recipient information and session information.
Here, composing the information means combining all or a part
of the transmitted message MDβ12bβ digested by the Hash
function with one or more items of the sender information (the
sender's name, ID etc.), the recipient information (the
recipient's name, ID etc.) and the session information (the
sending time, the receiving time etc.).

[0125] Next, at Step SE7β, the message digest creation unit
202β creates the message digest by digesting, with the Hash
function, the information composed at Step SE6β. Then, at Step
SE8β, the digital signature verification unit 202cβ encrypts
the message digest created at Step SE7β by using the
recipient's private key to add the digital signature to said
message digest. Then, at Step SE9β, the received contents
confirmation data verification unit 202β creates the received
contents confirmation data 13β by composing each item of
information and outputs it to the message transmitting unit
203β. Moreover, the message digest creation unit 202aβ outputs
the transmitted message MDβ12bβ to the message digest creation
/ retrieving unit 205aβ in the sent contents confirmation data
verification unit 205β if needed. In this case, the message
digest creation / retrieving unit 205aβ retrieves the
transmitted message MDβ12bβ mentioned above without creating
the message digest.

[0126] Then, the received contents confirmation data 13β
mentioned above is transmitted to the terminal 100β by the
message transmitting unit 203β through the network Nβ and
received by the message receiving unit 102β in the terminal
100β. The received contents confirmation data verification unit
103β in the terminal 100β then detects tampering by verifying
the contents of the received contents confirmation data 13β
according to the flow chart in Figure 13.

[0127] In detail, at Step SC1β in Figure 13, the received
contents confirmation data verification unit 103β inputs the
received contents confirmation data 13β received by the message
receiving unit 102β and progresses to Step SC2β. At Step SC2β,
the message digest creation unit 103aβ decrypts the received
contents confirmation data 13β by using the recipient's public
key to create (retrieve) the message digest (the transmitted
message MDβ12cβ in Figure 11).

[0128] Then, at Step SC3β, the digital signature verification
unit 103cβ verifies whether or not the received contents
confirmation data 13β is signed by the recipient, by using the
public key of the recipient (the terminal 200β). At this time,
when the received contents confirmation data 13β can be
decrypted with the public key of the recipient (the terminal
200β), the received contents confirmation data 13β is data
signed by the recipient. On the other hand, when the received
contents confirmation data 13β cannot be decrypted with the
recipient's public key, the received contents confirmation data
13β is data not signed by the recipient.

[0129] Next, at Step SC4β, the received contents confirmation
data verification unit 103β judges, from the verification
result of Step SC3β, whether or not the signature of the
received contents confirmation data 13β is the recipient's
digital signature. When the judgement is negative (NO), it is
judged that tampering or a communication error has occurred. On
the other hand, when the judgement at Step SC4β is positive
(YES), the received contents confirmation data verification
unit 103β progresses to Step SC5β.

[0130] At Step SC5β, each item of information in the received
contents confirmation data 13β is decomposed. The items of
information mentioned above are the received message contents,
the sender information, the recipient information, the session
information and the message digest (the transmitted message
MDβ12cβ) etc. mentioned above.

[0131] Moreover, the received contents confirmation data
verification unit 103β progresses to Step SC6β and inputs the
transmitted message 11β and the communication information,
i.e., the sender information, session information and recipient
information etc. transmitted by the sender. Next, at Step SC7β,
the message digest creation unit 103aβ in the received contents
confirmation data verification unit 103β digests the
transmitted message 11β with the Hash function to create the
transmitted message MDβ12aβ (shown in Figure 11).

[0132] Then, at Steps SC9β to SC12β, the received contents
confirmation data verification unit 103β verifies the received
message contents for every message by comparing the received
contents and the sent contents. Then, at Step SC13β, after
receiving the results of verification at Steps SC9β to SC12β,
the received contents confirmation data verification unit 103β
judges whether or not the received contents match the sent
contents. When the judgement is negative (NO), it is judged
that tampering or a communication error has occurred. On the
other hand, when the received contents match the sent contents,
the result of the judgement at Step SC13β is positive (YES) and
there is no tampering or communication error.

[0133] Next, the sent contents confirmation data creation unit
104β performs the processing to create the sent contents
confirmation data 14β (shown in Figure 11) according to the
flow chart in Figure 14. Namely, at Step SD1β in Figure 14, the
sent contents confirmation data creation unit 104β inputs the
received contents confirmation data 13β and then creates the
received contents confirmation data acknowledgement message.
The received contents confirmation data acknowledgement message
is the message indicating that the received contents
confirmation data verification unit 103β acknowledges
(confirms) the contents of the received contents confirmation
data 13β. This acknowledgement (confirmation) message is
created based on information about the acknowledging time, the
terminal and the acknowledging person (the sender in this
Example).

[0134] Next, at Step SD3β, the sent contents confirmation data
creation unit 104β composes the received contents confirmation
data 13β and the received contents confirmation data
acknowledgement message. Next, at Step SD4β, the message digest
creation unit 104aβ obtains the message digest of the message
composed at Step SD3β and progresses to Step SD5β. At Step
SD5β, the digital signature addition unit 104cβ signs the
message digest by encrypting it with the private key of the
sender (the terminal 100β).

[0135] Then, at Step SD6β, the sent contents confirmation data
creation unit 104β composes each item of information from Step
SD3β and the message digest signed at Step SD5β. The sent
contents confirmation data 14β is thereby created and output to
the message transmitting unit 105β in the sent contents
confirmation data creation unit 104β.

[0136] Then, the sent contents confirmation data 14β is sent to
the terminal 200β by the message transmitting unit 105β through
the network Nβ and received by the message receiving unit 204β
in the terminal 200β.

[0137] In this way, the sent contents confirmation
data verification unit 205β in the terminal 200β performs
the verification of the sent contents confirmation data
14β according to the flow chart in Figure 16.
In detail, at Step SF1β in Figure 16, the sent contents
confirmation data verification unit 205β progresses to
Step SF2β after inputting the sent contents confirmation
data 14β which is received from the message receiving
unit 204β. At Step SF2β, the message digest creation /
retrieving unit 205aβ creates (retrieves) the message
digest by decrypting the sent contents confirmation data
14β with the sender's (the terminal 100β) public key.
[0138] Then, at Step SF3β, the digital signature
verification unit 205cβ verifies whether the sent contents
confirmation data 14β is signed by the sender or not, by
using the sender's (the terminal 100β) public key. At this
time, when the sent contents confirmation data 14β can
be decrypted by the sender's (the terminal 100β) public
key, it is judged that the sent contents confirmation data
14β was signed by the sender. On the other hand, when
the sent contents confirmation data cannot be
decrypted, it is judged that the sent contents confirmation
data 14β was not signed by the sender.
[0139] Next, at Step SF4β, the sent contents confirmation
data verification unit 205β judges whether the
signature of the sent content confirmation data 14β is
the sender's (the terminal 100β) signature or not, from
the results of verification at Step SF4β. When such
judgement is negative (NO), it is judged that tampering
or communication error occurs. On the other hand,
when the judgement at Step SF4β is positive (YES), the
sent contents confirmation data verification unit 205β
progresses to the Step SF5β.

[0140] At Step SF5β, various messages in the sent
contents confirmation data 14β are decomposed. In this
case, as the various messages mentioned above, there
are the received information contents, the sender
information, the recipient information, the session
information and the message digest etc. mentioned above.
[0141] Moreover, the sent contents confirmation
data verification unit 205β progresses to the Step SF6β
and inputs the received transmitted message 11β and
the communication information, i.e., sender information,
session information and recipient information which are
transmitted by the sender. Next, at Step SF7β, the message
digest creation / retrieving unit 205aβ in the sent
contents confirmation data verification unit 205β digests
the transmitted message 11β by using Hash function to
create the transmitted message MDβ 12bβ (the message
digest). However, the message digest creation /
retrieving unit 205aβ does not perform the creation
mentioned above when said unit retrieves the transmitted
message MDβ 12bβ from the message digest creation
unit 202aβ.

[0142] Then, the sent contents confirmation data
verification unit 205β verifies the received contents for
every message by comparing the received contents and
the sent contents at Step SF9β to SF12β. Then, at Step
SF13β, after receiving the results of the verifications at
Step SF9β to SF12β mentioned above, the sent contents
confirmation data verification unit 205β judges
whether the received contents match the sent contents
or not. When the judgement is negative (NO), it is
judged that tampering or communication error occurs.
On the other hand, when the received contents match
the sent contents, the sent contents confirmation data
verification unit 205β judges that the result of Step
SF13β is positive (YES) and regards that there is no
tampering or communication error.
[0143] As mentioned above, according to the example
of the information tamper detection device, it
becomes possible to detect the information tampering
even if the terminal doesn't have the privilege to decrypt
the received information since said device is constructed
to detect tampering by using the received contents
confirmation data 13β and the sent content
confirmation data 14β.

[0144] Example 2 of this invention is explained
exactly as mentioned above. However, the detailed
constitution of this invention is not limited by the example
mentioned above. For example, in the example of the
information tamper detection device mentioned above,
the information tamper detection may be done by
performing a tamper detection program which can perform
these functions mentioned above, in a computer system.
In this case, such program is recorded in the readable
medium and is installed in the computer system.

[0145] Moreover, the tamper detection program
mentioned above may be recorded or memorized, in whole
or in part, on a portable medium such as the floppy
disk or the CD-ROM etc. and a recording device such
as the hard disk. This tamper detection program is
read by computers and performs the whole or a part of
an operation.

Moreover, the recording medium in this case may
include not only the static recording medium such as the
optical-magnetic disk etc. but also the dynamic recording
medium which keeps the tamper detection program
for a short time, for example, the communication line such
as the exclusive line of internet and the telephone line,
when the tamper detection program is transmitted. In
addition, the recording medium in this case mentioned
above may also include the server and the inner memory
of computers in which the tamper detection programs
are kept for a certain time when said programs
are transmitted.
[0146] As mentioned above, according to Example
2 of this invention, it becomes possible to detect an
information tampering even if the terminal doesn't have
privilege to decrypt received information, since the system
of said device is constructed to detect tampering by
using the received contents confirmation data and the
sent content confirmation data.

Example 3 


[0147] Example 3 of this invention concerns
the encryption / decryption device which encrypts or
decrypts information, its methods and recording
media.

[0148] The following techniques have been known
about Example 3 of this invention.
In general, when information is communicated,
there is a need to keep this information secret.
Therefore, various encryption methods are
designed. An operation flow chart of one example of an
encryption device which uses a conventional encryption
/ signature method is shown in Figure 33. In this example
method, the combination method of the public key
cryptography and the secret key cryptography is used.
At first, the encryption device obtains the secret key by
inputting the secret key from the sender or generating
random numbers to create the secret key at the encryption
device side. (Step S151y)

Next, the secret key is encrypted to create the
encrypted secret key by using the receiver's public key
in utilization of the public key cryptography. (Step
S152y)

Next, the plain text is encrypted to create the encrypted
message by utilizing the secret key cryptography. (Step
S153y)
Moreover, the plain text is digested to create the message
digest MDy by using Hash function. (Step S154y)
Then, this MDy is encrypted by using the sender's
secret key and the digital signature is added. (Step
S155y)
The sender sends the created encrypted secret key and
the encrypted message to the recipient through the
network etc.

[0149] In Figure 34, the operation flow chart of the
decryption device, in which the decryption method
corresponding to the encryption / signature method
mentioned above is used, is shown.

At first, the decryption device decrypts the encrypted
secret key to obtain the secret key by using the
recipient's private key when the encrypted secret key, the
encrypted message and the signature are received.
(Step S161y)

Then, the encrypted message is decrypted to obtain the
plain text by using this secret key. (Step S162y)
Next, the decrypted plain text is digested to create the
message digest MD'y by using Hash function. (Step
S163y)

Moreover, the digital signature of the received message
digest MDy is decrypted to obtain MD'y by using the
sender's public key. (Step S164y)
Next, the verification whether the original plain text is
tampered or not is done by comparing between MDy
and MD'y. In this method, there is an advantage that the
author of the plain text can confirm the signature by
himself by verifying the signature.

[0150] Next, according to the cryptography published
on the patent application No. Hei 8-156964, information
consisting of plural plain text data parts is
encrypted by the cryptography mentioned above. In Figure
35, the construction of the information consisting of
n data parts and the encrypted information being created
by said information is shown. In this encrypted
information, the encrypted secret key corresponding to
each data part, the encrypted message of the data
parts and the digital signature of the data parts are
included. For one example, the digital signature size
corresponding to a data part of 69 bits is 2329 bits.
There is a minimum limit on the digital signature size,
and even if the data part size is small, the digital
signature is larger than a certain size.
For example, for information consisting of
100 data parts of 69 bits each, 2329 x 100 = 232900 bits
of information are added when
the digital signatures are added to prevent tampering.
[0151] Next, according to the cryptography published
on the patent application No. Hei 9-71388, the
message digests of each data part, which compose
the information, are signed and encrypted collectively.
In Figure 36, the construction of the information consisting
of n data parts (plain texts) and the encrypted
information created by said information is shown.
[0152] When the information consisting of plural
data parts is encrypted, for example, in the method on
the patent No. Hei 8-156964, there are some problems,
such as much time being required to transmit the encrypted
information and many resources such as memory
devices etc. being needed, since the overhead of data
becomes too large. Moreover, in the method on the patent
No. Hei 9-71388, since the message digests of all
data parts are signed collectively, verification of the
signature can not be done unless all plain messages
become. Moreover, when there is a user to whom only
the reference of a part of the data parts is permitted, there
are problems such as tampering of the data parts being
unverifiable and each data part not being changeable
simultaneously etc.
[0153] This invention was made in view of the above
and provides the encryption device, the decryption
device, these methods and these recording media
which can reduce the overhead of the encrypted
information which encrypts the information including plural
data parts (plain text). It also provides the
above-mentioned devices, methods and media which can be
used by plural users, detect tampering of each data
part, and change each data part simultaneously.
[0154] Hereinafter, Example 3 is explained by refer- 
ring to figures. 

Figure 19 shows the block diagram showing the con- 
struction of an encryption device and a decryption 
device in the example of this invention. In addition, in 
this example, an encryption / decryption device in which 
the encryption device and the decryption device are 
united is explained. 

[0155] The encryption / decryption device 10y of
this invention consists of a key encryption unit 11y, a key
decryption unit 12y, an encryption unit 13y and a
decryption unit 14y. The key encryption unit 11y consists
of a secret key obtaining unit 15y, a secret key
encryption unit 16y and a secret key tamper detection
code creation unit 17y which is the 1st secret key
tamper detection code creation unit. The key decryption
unit 12y consists of a secret key decryption unit 18y, a
secret key tamper detection code creation unit 19y
which is the 2nd secret key tamper detection code
creation unit and a tamper detection unit 20y which is
the 1st tamper detection unit. The encryption unit 13y
consists of a data encryption unit 21y and a data tamper
detection code creation unit 22y which is the 1st data
tamper detection code creation unit. The decryption unit
14y consists of a data decryption unit 23y, a data tamper
detection code creation unit 24y which is the 2nd data
tamper detection code creation unit and a tamper
detection unit 25y which is the 2nd tamper detection unit.
[0156] The secret key obtaining unit 15y obtains or
creates the secret key which is used in encryption. In
order to create the secret key, a random number creation
device etc., for example, is used. The secret key
encryption unit 16y encrypts the secret key by using a
public key cryptography such as RSA method or an
elliptic curve cryptography etc. As the public key used
for encryption, the public key of members sharing
information is used. For example, when there are 3 members
sharing information, the secret key is encrypted by
using the public key of 3 members and 3 encrypted
secret keys are created. The secret key tamper detection
code creation unit 17y creates the key information
used to verify the authentication of the secret key
(1. not tampered, or 2. created by justified users, etc.).
For one example, the secret key is digested by Hash
function such as MD5 or SHA-1 etc. to create the message
digest MDy of the secret key and then, the message
digest which is signed to this MDy by using the
private key of the secret key's creator, is usable as the
key information. For the creation / detection of the
signature, digital signature methods such as DSA etc.
may be used besides the public key cryptography
mentioned above.

[0157] The secret key decryption unit 18y decrypts
the encrypted secret key which is encrypted in the
secret key encryption unit 16y by using the public key
cryptography. As the private key used for decryption, the
private key of the user, who decrypts, is used. The
secret key tamper detection code creation unit 19y creates
the secret key tamper detection code to verify the
secret key. For example, the secret key tamper detection
code creation unit 19y digests the secret key
decrypted in the secret key decryption unit 18y by using
Hash function to create the message digest MD'y. The
tamper detection unit 20y verifies the secret key by
comparing the key information (for example MDy) and the
secret key tamper detection code (for example MD'y)
which is created in the secret key tamper detection code
creation unit 19y. When the secret key is verified, the
secret key's creator also should be verified and this is
defined separately.

[0158] The data encryption unit 21y encrypts data
parts (plain texts) by using the secret key cryptography
to create the encrypted messages. As the secret key
used for encryption, the secret key which is obtained or
created in the secret key obtaining unit 15y is used at
the first time of the encryption. When the existing
encrypted information is used, the secret key decrypted
in the secret key decryption unit 18y is used. The data
tamper detection code creation unit 22y creates the 1st
data tamper detection code to detect whether the data
parts are tampered or not. For example, the data message
digest which was digested by using Hash function,
the part of information extracted from the data parts and
ID number etc. can be used as the 1st data tamper
detection code.

[0159] The data decryption unit 23y decrypts the
encrypted text by using the secret key cryptography. As
the secret key used for decryption, the secret key
decrypted in the secret key decryption unit 18y is used.
The data tamper detection code creation unit 24y creates
the 2nd data tamper detection code to detect
whether the data parts are tampered or not, which
corresponds with the 1st data tamper detection code. For
example, the message digest created by digesting the
original data part decrypted in the data decryption unit
23y in use of Hash function, the part of information
extracted from the data parts and ID number etc. may
be used as the 2nd data tamper detection code. The
tamper detection unit 25y confirms the authentication of
the decrypted original data part by comparing and
detecting the 1st data tamper detection code and the
2nd data tamper detection code.
[0160] In addition, it is possible to realize the secret
key encryption unit 16y and the data encryption unit 21y
in the same device. Moreover, it is also possible to realize
the secret key decryption unit 18y and the data
decryption unit 23y in the same device. Moreover, it is
possible to realize the secret key tamper detection code
creation unit 17y and 19y or the data tamper detection
code creation unit 22y and 24y in the same device.
Similarly, it is possible to realize all of the secret key tamper
detection code creation unit 17y and 19y and the data
tamper detection code creation unit 22y and 24y in the
same device. Moreover, it is possible to realize the
tamper detection unit 20y and the tamper detection unit
25y in the same device. Moreover, it is also possible to
realize the encryption / decryption device not as
a single device but as a composite
device consisting of isolated units. In addition, the
encryption device in claim 51 and claim 52 can consist
of the key encryption unit 11y and the encryption unit
13y. Moreover, the encryption device in claim 53 can
consist of the key encryption unit 11y, encryption unit
13y and the key decryption unit 12y. The decryption unit
in claim 54 and 55 can consist of the key decryption unit
12y and the decryption unit 14y.

[0161] Figure 20 shows one utilization form of the
encryption / decryption unit 10y of this example.
In this utilization form, an information storing device 30y
consisting of the server which is connectable with the
network and other terminal devices etc. is connected
with a terminal unit 31y having the encryption / decryption
device 10y through the network. The information
storing device 30y has nonvolatile recording devices
such as the hard disk or the optical-magnetic disk etc.
and can store the encrypted information such as the
encrypted message, the data tamper detection code,
the encrypted secret key and the key information, and
other related information. Moreover, at the terminal unit
31y, an input unit and a display unit (not shown in Figure
20) are connected as peripheral units. In this case,
the input unit means the input device such as a keyboard
or a mouse etc. The display unit means CRT
(Cathode Ray Tube) and LCD (Liquid Crystal Display).
In addition, it is also possible to store the encrypted
information at the local terminal for stand-alone use.
[0162] Next, the operation of the encryption /
decryption device 10y of this Example in the utilization
form constructed as mentioned above is explained.
First, the operation of the encryption / decryption device
10y when the first data parts are encrypted is
explained by referring to the flow chart in Figure 21. In
addition, the operation steps in the following explanation
are one example of the operation of this Example, and
operation by other steps is not excluded.

[0163] At first, the secret key obtaining unit 15y
obtains or creates the secret key by inputting from the
outside of the encryption / decryption device 10y. (Step
S301y)

[0164] Then, the secret key encryption unit 16y creates
the encrypted secret key in which the secret key is
encrypted by utilizing the user's public key already
obtained through the network. (Step 302y)
[0165] Moreover, the secret key tamper detection
code creation unit 17y creates the secret key creator's
information such as the private key of the secret key
creator etc., as the key information for the secret key
tamper detection code. (Step S303y)
[0166] Data encryption unit 21y encrypts the data
parts 1y (the plain text) to create the encrypted message
1y. (Step S304y)

[0167] Moreover, the data tamper detection code
creation unit 22y creates the data tamper detection
code 1y which is the information about data parts 1y
from data parts 1y. (Step S305y) In addition, when the
data parts consist of n parts, the operation from Step
S304y to Step S305y is repeated n times.
[0168] Then, the set of the encrypted message
1, 2, ..., n, the data tamper detection code 1, 2, ..., n,
the key information and the encrypted secret key is
transmitted to the information storing device 30y as the
encrypted information. (Step S306y)
[0169] In addition, the explanation mentioned
above is the case when the number of the user is one
and the number of the encrypted secret key to be used
is one. When the number of the users who share the
encrypted information is plural (for example, m), m kinds
of the encrypted secret key are created by using
each user's public key. Namely, the encrypted secret
keys corresponding to every user are created.
In Figure 22, the construction of the information before
encryption and the encrypted information are shown.
Here, it is shown that, as the encrypted information,
encrypted message 1, 2, ..., n, the data tamper detection
code 1, 2, ..., n, the encrypted secret key
1, 2, ..., m and the key information are created from
the data parts 1, 2, ..., n before encryption.
[0170] Next, the operation of the encryption / 
decryption device 10y is explained by using the opera- 
tion flow chart in Figure 23 when the encrypted informa- 
tion which includes the encrypted messages of plural 
data parts (n) is decrypted. In addition, only the person 
who has the private key corresponding to the public key 
which was used when the encrypted secret key was 
created, can perform this operation. 
[0171] First, the encryption / decryption device 10y
obtains the encrypted information which is memorized
in the information storing device 30y. (Step S501y) In
addition, the encrypted secret key, which is included in
the encrypted information, is associated with the user's
name and user's ID etc. and the encrypted secret key
corresponding to the user is transmitted from the
information storing device 30y to the encryption / decryption
device 10y.

[0172] Then, the secret key decryption unit 18y 
decrypts the encrypted secret key by using the user's 
private key, to obtain the secret key. (Step S502y) Here, 
the user's private key is already inputted. 
[0173] Next, the secret key tamper detection code 
creation unit 19y creates the secret key tamper detec- 
tion code by using the secret key obtained in Step 502y. 
(Step 503y) 

[0174] Then, the tamper detection unit 20y authenticates
the key creator by comparing the obtained key
information with the secret key tamper detection code.
(Step S504y) In this case, the creator is judged to be
authentic when these two pieces of information match.
[0175] At Step S504y, when it is judged that the key
creator is valid, the set of n encrypted messages and n
data tamper detection codes is processed in the following
order.

First, the data decryption unit 23y decrypts the
encrypted message by using the secret key. (Step
S505y)

[0176] Then, the data tamper detection code creation
unit 24y creates the data tamper detection code by
using the decrypted data parts. (Step S506y) In addition,
the data tamper detection code created in this step
is called the 1st data tamper detection code and the
data tamper detection code which is stored as the
encrypted information is called the 2nd data tamper
detection code.

[0177] Next, the tamper detection unit 25y detects
whether tampering is done or not by comparing the
created 1st data tamper detection code with the 2nd data
tamper detection code which is a part of the encrypted
information. (Step S507y) When these two pieces of
information match, it is detected that tampering is not done.
[0178] At Step S507, when it is judged that tampering
is not done, the decrypted data parts (plain texts) are
outputted. (Step S508y)

[0179] In addition, in the above explanation, the key
decryption unit 12y is made to use only the encrypted
secret key corresponding to the user by matching the
user name, the user ID etc. and the encrypted secret
key. When there are multiple encrypted secret keys (i.e.,
there are multiple users sharing the encrypted
information), as the other method to obtain the encrypted key
corresponding to the user, Step S502y to S504y mentioned
above are performed as follows. First, all
encrypted secret keys are decrypted at Step 502y.
When the multiple encrypted secret keys are decrypted,
multiple secret keys, in which incorrect keys are also
included, are created. At Step 503y, the
secret key tamper detection codes are created
corresponding to all secret keys created at Step S502y. Next,
at Step S504y, each secret key tamper detection code is
compared and verified with the key information. When
all of the pairs differ from each other, it is judged that
tampering is done. If there is one match, it is judged
that the corresponding secret key is the correct secret
key.

[0180] Next, following the processing described above in
which the encrypted information is created from the
data parts 1, 2, ..., n and is transmitted to the information
storing device 30y, the operation of the
encryption / decryption device 10y when information is
further added to said encrypted information is explained
by referring to the operation flow chart in Figure 24.

[0181] First, the encrypted secret key and key information
are obtained from the information storing device
30y where the encrypted information is stored. (Step
S601y) In addition, the encrypted secret key in the
encrypted information is associated with the user
name and user ID etc. and the encrypted secret key
corresponding to the user is transmitted to the encryption /
decryption device 10y from the information storing
device 30y.

Then, the secret key decryption unit 18y decrypts the
encrypted secret key corresponding to the user by using
the user's private key. (Step S602y) At this time, the
user's private key shall be input previously.
[0182] Next, the secret key tamper detection code 
creation unit 19y creates the secret key tamper detec- 
tion code from the secret key obtained at Step S602y. 
(Step 603y) 

[0183] The tamper detection unit 20y compares and 
verifies whether the key information mentioned above 
matches the secret key tamper detection code or not, 
and authenticates the key creator. (Step S604y) In this 
time, the authentication of the key creator can be judged 
by these two information being matched. 
[0184] When it is judged that the key creator is
authenticated at Step S604y, the data encryption unit
21y creates the encrypted messages n + 1 by encrypting
the additional data parts n + 1. (Step S605y)
[0185] Furthermore, the data tamper detection
code creation unit 22y creates the tamper detection
codes n + 1 from the data parts n + 1. (Step S606y)
In addition, when the additional data parts consist of L
pieces, the operation from Step S605y to Step S606y is
repeated L times.

[0186] Then, the encrypted messages n + 1, n + 2,
..., n + L and the tamper detection codes n + 1, n + 2,
..., n + L are transmitted to the information storing device
30y and additionally stored as the encrypted
information. (Step S607y)

[0187] In addition, in the above explanation, the key 
decryption unit 12y uses only the encrypted secret key 
corresponding to the user by matching the user name, 
the user ID, etc. and the encrypted secret key. When 
there are multiple encrypted secret keys (i.e., there are 
multiple users who share the encrypted information), 
the above-mentioned Step S602y to S604y are per- 
formed as follows as the other method to obtain the 
encrypted secret key corresponding to the user. First, all 
encrypted secret keys are decrypted at Step S602y. 
When multiple encrypted secret keys are decrypted at 
Step S602y, multiple secret keys, which also include not 
correct keys, are created. At Step S603y, the secret key 
tamper detection codes are created to all secret keys 
created at Step S602y. Next, at Step S604y, each secret 
key tamper detection code and key information are 
compared and verified. When all combinations are dif- 
ferent, it can be judged that tampering is done. If there 
is one matching, it can be judged that the secret key 
corresponding to said one is the correct secret key. 
[0188] The structures of the encrypted information
before and after addition are shown in Figure 25. In this
figure, it is shown that the encrypted message n + 1,
n + 2, ..., and n + L and the data tamper detection code
n + 1, n + 2, ..., and n + L are added to the original
encrypted information as the encrypted information.
[0189] Next, the operation of the encryption /
decryption unit 10y when a sharing member is
added to the team which shares the encrypted information
memorized in the information storing device 30y is
explained by referring to the operation flow chart in
Figure 26. Here, the case is explained in which the
sharing member C is added as a new member by the
sharing member B to the team to which the sharing
members A and B belong.
[0190] At first, the encryption / decryption device 
10y accesses to the information storing device 30y and 
obtains the key information and the encrypted secret 
key B corresponding to the sharing member B by the 
operation of the sharing member B. (Step S801y) 
[0191] The secret key decryption unit 18y decrypts 
the encrypted secret key B to obtain the secret key by 
using the private key of the sharing member B who is 
the recipient. (Step S802y) 

[0192] The secret key tamper detection code crea- 
tion unit 19y creates the secret key tamper detection 
code from the secret key. (Step S803y) 
[0193] Then, the tamper detection unit 20y confirms
the validity of the key creator by comparing and verifying
the obtained key information and secret key tamper
detection code. (Step S804y) In this case, it is verified
that tampering has not been done when these two pieces
of information match.

[0194] When the validity of the key creator was confirmed
in Step S804y, the secret key encryption unit 16y
encrypts the secret key to create the encrypted secret
key C by using the public key of the sharing member C
who is added as the new member. (Step S805y)
[0195] The key encryption unit 12y transmits the 
created encrypted secret key C to the information stor- 
ing device 30y. (Step S806y) 

[0196] In this way, the encrypted secret keys A, B
and C corresponding to the three sharing members are
stored in the information storing device 30y. After this
time, the added sharing member C can refer to and
manipulate the encrypted information
of the team.

[0197] The structures of the encrypted information
before and after the addition of the sharing member C
are shown in Figure 27. In this figure, it is shown that the
encrypted secret key C for the new sharing member C is
added to the original encrypted information as the
encrypted information.

[0198] Next, the operation of the encryption /
decryption device 10y when a sharing member is deleted
is explained with reference to the operation flow chart
in Figure 28. Here, the case is explained in which the
sharing member B deletes the sharing member A from the
team to which the sharing members A, B and C belong.
[0199] The encryption / decryption device 10y
accepts the delete command for deleting the sharing
member A by the input operation of the sharing member
B. (Step S101y)

[0200] The data tamper detection code creation unit
22y creates the data tamper detection code corresponding
to the delete command of the sharing member A.
(Step S102y)

[0201] Next, the encryption / decryption device 10y
transmits the delete command, which consists of the
delete command of the sharing member and the data
tamper detection code which identifies the principal who
issued the delete command, to the information storing
device. (Step S103y)

[0202] In addition, the information storing device
30y has the function to identify the principal who issued
the delete command and can delete the encrypted
secret key corresponding to the delete command.
Moreover, the digital signature of sharing member B, who
issued the delete command of sharing member A, may
be used as the data tamper detection code in this
case. Moreover, as the identification information to
identify the principal who issued the delete command, the
information storing device 30y may verify the
identification information which is registered in the
information storing device 30y by using an ID or
password, etc.

[0203] The structures of the encrypted information
before and after deletion of sharing member A are
shown in Figure 29. Here, it is shown that encrypted
secret key A for sharing member A is deleted from the
original encrypted information.
[0204] Next, the performance of the encryption /
decryption unit 10y of this Example is explained in detail
by using a concrete example.

First, as the example of No. 3-1, the transaction is
explained in which user B adds the business items
"seminar entry" and "from 15:00" to the entry for
October 1, 1998 of the schedule which is shared by the
team 101y (to which three users, i.e., A, B, and C,
belong). In this example, the information about the
schedule includes both encrypted and unencrypted
information and is stored in the outside information
storing device 30y. Moreover, the information storing
device 30y can restrict access to the information it keeps
according to the user's privilege. Moreover, the
encryption / decryption unit 10y which is used by user B
has an input unit (not shown) which receives the data
inputted by user B and a display unit (not shown) which
displays the information.

[0205] First, user B accesses the information
storing device 30y from the encryption / decryption unit
10y and confirms whether user B can access the
schedule for October, 1998 of team 101y or not.
[0206] If he can access it, user B accesses the
schedule for October, 1998 of team 101y. The
information storing device 30 transmits the schedule for
October, 1998 of the team 101y to the encryption /
decryption unit 10y and the encryption / decryption unit
10y displays the schedule on its display unit. In addition,
at this step, the information of the schedule is not
encrypted.

[0207] User B inputs "go to seminar" and "from
15:00" on the item for October 1, 1998, by using the
input unit of the encryption / decryption unit 10y.
[0208] Next, the secret key is created in the secret
key encryption unit 16y. In this example, this secret key
is called cKey1y.

[0209] Next, at the secret key encryption unit 16y,
this cKey1y is encrypted with the public keys of user A,
user B and user C by using public key cryptography
such as the RSA system. In this way, three encrypted
secret keys corresponding to the three users are created
at the secret key encryption unit. In this example, these
encrypted secret keys are called eKey1Ay, eKey1By and
eKey1Cy respectively.

[0210] Next, the secret key tamper detection code
creation unit 17y creates MDy, which is the message
digest of the secret key, and signs MDy by using
the private key of user B. This signed MDy is
SignedKey1y, which is the key information.
[0211] The data encryption unit 21y encrypts "go to
seminar", which is a data part of the schedule, by
using the secret key cKey1y to create the encrypted
message CryptData1y.

[0212] Next, the data tamper detection code
creation unit 22y creates MessageD1y, which is the
message digest of "go to seminar", by using, for example,
MD5, which is a hash function.

[0213] The operation steps applied to "go to
seminar" are also performed on "from 15:00", which is
also a data part of the schedule, and then the encrypted
message CryptData2y and the message digest
MessageD2y are obtained.

[0214] Then, these pieces of information are
transmitted from the encryption / decryption unit 10y to
the information storing device 30y.

In addition, the structure of the information memorized
in the information storing device 30y at this time is
shown in Figure 30. In this information storing device
30y, the following information is memorized, i.e., the
information which distinguishes the schedule created by
the transaction mentioned above, the user ID, the
encrypted secret key, the key information, the encrypted
message, the data tamper detection code and the
related information.

[0215] Next, as Example 3-2, the transaction is
further explained, continuing from Example 3-1, in which
user A adds the business items "meeting" and "from 17:00"
to the entry for October 2, 1998 of the schedule which is
shared by the team 101y (to which users A, B and C
belong). In this case, the encrypted information is the
one created in Example 3-1.

[0216] First, user A accesses the information
storing device 30y from the encryption / decryption device
10y to confirm whether he can access the schedule for
October, 1998 of the team 101y or not.



[0217] If he can access it, user A accesses the
schedule for October, 1998 of the team 101y. The
information storing device 30y transmits the encrypted
secret key eKey1Ay and the key information
SignedKey1y to the encryption / decryption device 10y.
[0218] User A inputs "meeting" and "from 17:00" to
the business items for October, 1998 by using the input
unit of the encryption / decryption device 10y.
[0219] Next, the secret key decryption unit 18y
decrypts the encrypted secret key eKey1Ay to create
the secret key cKey1y.

[0220] Next, the secret key tamper detection code
creation unit 19y creates the message digest keyD1'y of
the secret key cKey1y.

[0221] Next, the tamper detection unit 20y decrypts the
key information SignedKey1y by using the public key of
user B to obtain the message digest keyD1y of the secret
key as it was before encryption. Then, keyD1y is compared
with keyD1'y. When keyD1y matches keyD1'y, it is
judged that the secret key created by user B, who
belongs to team 10y, has been obtained without tampering.
Thereby, the validity of the secret key can be verified.
[0222] Here, it is necessary to obtain confirmation of
whether it is right that user B creates the secret key
or not, i.e., confirmation of the validity of the secret
key creator himself, as the secret key creator validity
confirmation information. As an example of the method of
obtaining the secret key creator validity confirmation
information in this case, the information that the secret
key creator is user B may be shown on the display unit of
the encryption / decryption unit 10y as a dialog box and
confirmed by the users. As another method, it may be
obtained from the information storing device 30y as the
related information through the network.

[0223] Next, the data encryption unit 21y encrypts
"meeting", which is a data part of the schedule, by using
the secret key cKey1y to create the encrypted message
CryptData3y.

[0224] Next, the data tamper detection code
creation unit 22y creates the message digest MessageD3y
of "meeting" by using, as an example, MD5, which is a
hash function.

[0225] The steps applied to "meeting" are also applied
to "from 17:00", which is a data part of the schedule,
and the encrypted message CryptData4y and the message
digest MessageD4y of "from 17:00" are obtained.
[0226] Then, these pieces of information are
transmitted to the information storing device 30y from the
encryption / decryption unit 10y.

[0227] In addition, the structure of the information
memorized in the information storing device 30y at this
time is shown in Figure 31. This figure shows the case
in which the encrypted message and the data tamper
detection code are added by the processing mentioned
above.

[0228] Next, as Example 3-3, the processing is
explained for the case where user C refers to the
schedule for October, 1998 of team 101y which was created
in Examples 3-1 and 3-2 and was stored in the information
storing device 30y.

[0229] First, user C accesses the information storing
device 30y from the encryption / decryption unit 10y,
and confirms whether the schedule for October, 1998 of
team 101y can be accessed or not.
[0230] When it can be accessed, user C accesses
the schedule for October, 1998 of team 101y. The
information storing device 30y transmits the schedule for
October, 1998 of team 101y, the encrypted secret key
eKey1Cy and the key information SignedKey1y to the
encryption / decryption unit 10y.

[0231] The secret key decryption unit 18y decrypts
the encrypted secret key eKey1Cy by using the private
key of user C, and obtains the secret key cKey1y.
[0232] Next, the message digest CKeyD'y of the
secret key cKey1y is created at the secret key tamper
detection information creation unit 19y.
[0233] In the tamper detection unit 20y, the
SignedKey1y is decrypted by using the public key of
user B, and the message digest CKeyDy of the secret key
as it was before encryption is obtained. Then, this
message digest CKeyDy is compared with the previous
message digest CKeyD'y. When these two message digests
are equal, it is verified that the secret key cKey1y
created by user B, who belongs to team 101y, has been
obtained without tampering.

Moreover, although it is necessary to confirm the validity
of the secret key creator himself here, this is as
explained in Example 3-2.

[0234] Next, the data decryption unit 23y decrypts
the encrypted message CryptData1y by using the
secret key cKey1y obtained from the secret key
decryption unit 18y. Then, the plain text "go to seminar"
is obtained.

[0235] Next, the message digest MessageD1'y of
the plain text is created by using MD5, which is one of
the hash functions, at the data tamper detection code
creation unit 24y.

[0236] The message digest MessageD1y transmitted
from the information storing device 30y is compared
with the message digest MessageD1'y created by the
data tamper detection code creation unit 24y. When
these two message digests are equal, it is judged that
the data part created by a person who belongs to
team 101y has been obtained without tampering.
[0237] The same procedure mentioned above is
repeated for the encrypted messages CryptData2y ...
CryptData4y and thereby, the data parts "from 15:00",
"meeting" and "from 17:00" are obtained.
[0238] The display example of the schedule after
decryption is shown in Figure 32. As shown in Figure
32, user C, who belongs to the same team, can see the
data parts "go to seminar", "from 15:00" which user B
inputted, and the data parts "meeting", "from 17:00"
which user A inputted.



[0239] As mentioned above, a sharing member
who belongs to one team can freely add and modify
data parts of the encrypted information, refer to
another sharing member's data parts, etc., while
confidentiality toward persons who are not sharing
members is kept.

[0240] As an example, if the size of each of
MessageD1y, ..., MessageD4y is under 16 bytes
and the size of the key information is under 2300
bytes (there is a lower limit), the overhead in this
Example is 16 x 4 + 2300 = 2364 bytes.
[0241] When signatures are attached to each of the 4
encrypted messages by the conventional method, the
overhead becomes 2300 x 4 = 9200 bytes. Therefore, the
method of this invention can reduce the amount
of information compared with the conventional method.
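The flow of Examples 3-1 to 3-3, together with the member addition of Steps S801y to S806y, as an added example that is not part of the original document. Textbook RSA over small constructed primes stands in for the "RSA system", a SHA-256 counter keystream stands in for the unspecified secret key cipher, and all function and field names are assumptions.

```python
import hashlib
import hmac
import secrets

E = 65537
# Constructed toy primes (Mersenne primes); real RSA keys are random and >= 2048 bits.
PRIMES = {"A": (2**61 - 1, 2**89 - 1), "B": (2**107 - 1, 2**127 - 1),
          "C": (2**521 - 1, 2**607 - 1)}

def make_keypair(p, q):
    """Return ((n, e), (n, d)) for textbook RSA (no padding, illustration only)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def rsa_apply(key, blob):
    """Raw RSA on a byte string; the output length is fixed by the modulus."""
    n, exp = key
    m = int.from_bytes(blob, "big")
    if m >= n:
        raise ValueError("value out of range for this key")
    return pow(m, exp, n).to_bytes((n.bit_length() + 7) // 8, "big")

def digest(data):
    return hashlib.md5(data).digest()  # 16 bytes; MD5 is the hash the page names

def stream_xor(ckey, nonce, data):
    """Stand-in secret key cipher: SHA-256 counter keystream XORed with data."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hashlib.sha256(ckey + nonce + counter.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def create_store(creator_priv, member_pubs):
    """Example 3-1: new secret key, one wrapped copy per member, key information."""
    ckey = secrets.token_bytes(16)
    store = {"wrapped": {m: rsa_apply(pub, ckey) for m, pub in member_pubs.items()},
             "key_info": rsa_apply(creator_priv, digest(ckey)),  # signed key digest
             "entries": []}
    return store, ckey

def open_key(store, member, member_priv, creator_pub):
    """Unwrap the member's copy and check it against the key information.
    Passing creator_pub is the caller's decision that this creator is valid."""
    raw = rsa_apply(member_priv, store["wrapped"][member])
    if any(raw[:-16]):
        raise ValueError("wrapped secret key is damaged")
    ckey = raw[-16:]
    recovered = rsa_apply(creator_pub, store["key_info"])
    if not hmac.compare_digest(recovered, digest(ckey).rjust(len(recovered), b"\0")):
        raise ValueError("key information does not match the secret key")
    return ckey

def add_entry(store, ckey, text):
    """Encrypt one data part and store its 16-byte data tamper detection code."""
    nonce, data = secrets.token_bytes(8), text.encode()
    store["entries"].append({"nonce": nonce, "md": digest(data),
                             "crypt": stream_xor(ckey, nonce, data)})

def read_entries(store, ckey):
    """Example 3-3: decrypt every data part and compare the two digests."""
    texts = []
    for entry in store["entries"]:
        plain = stream_xor(ckey, entry["nonce"], entry["crypt"])
        if not hmac.compare_digest(digest(plain), entry["md"]):
            raise ValueError("data tamper detection code mismatch")
        texts.append(plain.decode())
    return texts

def add_member(store, actor, actor_priv, creator_pub, new_member, new_pub):
    """Steps S801y to S806y: verify the key first, then wrap it for the newcomer."""
    ckey = open_key(store, actor, actor_priv, creator_pub)
    store["wrapped"][new_member] = rsa_apply(new_pub, ckey)

def overhead(messages, digest_len, key_info_len):
    """Bytes added by (this scheme, one signature per message)."""
    return messages * digest_len + key_info_len, messages * key_info_len

def demo():
    keys = {m: make_keypair(*pq) for m, pq in PRIMES.items()}
    pub = {m: k[0] for m, k in keys.items()}
    priv = {m: k[1] for m, k in keys.items()}
    store, ckey = create_store(priv["B"], {"A": pub["A"], "B": pub["B"]})
    for text in ("go to seminar", "from 15:00"):      # user B, Example 3-1
        add_entry(store, ckey, text)
    add_member(store, "B", priv["B"], pub["B"], "C", pub["C"])
    ckey_a = open_key(store, "A", priv["A"], pub["B"])
    for text in ("meeting", "from 17:00"):            # user A, Example 3-2
        add_entry(store, ckey_a, text)
    ckey_c = open_key(store, "C", priv["C"], pub["B"])
    return store, keys, read_entries(store, ckey_c)   # user C, Example 3-3

if __name__ == "__main__":
    print(demo()[2], overhead(4, 16, 2300))
```

Only one signature is stored however many data parts are added, which is where the saving in [0240] and [0241] comes from; each data part carries only its 16-byte digest.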
[0242] In addition, the invention of Example 3 can
also be used over networks other than the internet, such
as a LAN or a dial-up connection.

[0243] Moreover, in order to realize the encryption 
device, the decryption device and the method of this 
invention, the encryption and decryption processing 
may be also done by the program which is memorized in 
the record medium which is readable by computers, and 
is read in the computer system. 

[0244] That is, in the record medium which
records the encryption program and is readable by
computers, the encryption program makes the computer
realize the following functions:

the function which obtains or creates the secret key
used for encryption by the secret key encryption
system;

the function which encrypts the secret key mentioned
above by using the public key cryptography to create
the encrypted secret key;

the function which creates the key information from
the secret key mentioned above;

the function which encrypts the plain message by
using the secret key cryptography to create the
encrypted message; and

the function which creates the 1st data tamper
detection code from the plain message mentioned
above.

[0245] Moreover, in the record medium which
records the decryption program and is readable by
computers, the decryption program makes the computer
realize the following functions:

the function which decrypts the encrypted secret
key mentioned above by using the public key
cryptography;

the function which creates the secret key tamper
detection code from the secret key obtained by
decrypting the encrypted secret key mentioned above;

the function which detects tampering from the key
information and the secret key tamper detection
code mentioned above;

the function which decrypts the encrypted message
mentioned above by using the secret key
cryptography;

the function which creates the 2nd data tamper
detection code from the plain message obtained by
decrypting the encrypted message mentioned above;
and

the function which detects tampering from the 1st
and 2nd data tamper detection codes mentioned
above.

[0246] As mentioned above, according to
the invention of Example 3, the overhead of the
encrypted information can be decreased, since a
tamper detection code is not created for every plain
text; instead, the key information, which serves as the
tamper detection code, is created for the secret key which
encrypts each plain text, and it becomes possible to
detect tampering and to confirm the secret key creator.
Therefore, the load on the network at the time of
transmitting the encrypted information and the capacity
of the memory device needed at the time of storing the
encrypted information can be decreased. Moreover,
tamper detection can be done for every plain text, since
the 1st data tamper detection code is added to each
plain text. Moreover, the encrypted information can be
shared between multiple users by creating the
encrypted secret key for every user.

Example 4 

[0247] The invention of Example 4-1 to 4-4 relates 
to the team data list processing system in order to share 
safely among users, the various kinds of information 
and functions offered to users, while said team data list 
processing system creates, administrates and stores 
the team data list to hierarchize teams, such as divi- 
sions and sections of companies which consist of multi- 
ple users (members). Furthermore, in detail, this 
invention mentioned above relates to the system which 
consists of the team data list storing device which proc- 
esses to store the team data list and the team data list 
administration device which executes various kinds of 
administration of the team data list which is obtained 
from the team data list storing device. 
[0248] The following technology is conventionally 
known about the invention of Example 4-1 to 4-4. 
In order to share various resources, such as the various
kinds of functions and information offered to users,
among multiple users, it is necessary to prepare a
function which verifies whether the user who requests
access to these resources actually has the privilege
to access the resources or not. In order to perform such
verification, a list called an access control list
(hereafter written as ACL) is conventionally utilized.
An ACL is a list which defines beforehand the users to
whom the proper permission to access the resource has
been given. In addition, the ACL referred to here is one
example of a list which includes only the information for
controlling access to the shared resource, among the
various information included in the team data list
mentioned above.

[0249] The scheme of the conventional system for
information sharing among multiple users using an
ACL is shown in Figure 51. In the system shown in this
figure, the intranet 15 and the internet 28 are connected
to the server 55 through the respective firewalls 35 and
45, and not only persons inside the intranet 15 but also
the sharing member 65 outside the intranet share
information with each other through the internet 25. As is
well known, the intranet 15 is a closed network which is
an improved network within companies, etc.; the internet
25, on the other hand, is a public network spanning the
whole world.

[0250] The firewalls 35 and 45 are computers that
prevent a malicious intruder from gaining unauthorized
access to the intranet 15. The server 55 is a terminal (a
computer) in which various kinds of resources are
stored, and has the database 75, in which the sharing
information is stored, and ACL85, which stores the
groups which can access specific information or
functions and the member list of the members in each
group. This server 55 has the data storing unit which
administrates the sharing information stored in the
database 75 and also has the following units:

the user authentication unit to verify beforehand
whether the communication partner, which is equivalent
to a client, is permitted or not;

the access control unit to verify whether access
to the sharing information is possible or not based
on ACL85; and

the group administration unit that makes access
to specific sharing information possible only for
the members who belong to the specific group
based on ACL85.

[0251] In the system of Figure 51, when access
to the database 75 is requested by the sharing member
65 or a user in the internet 15, the server 55 performs
user authentication by referring to ACL85 each time.
Then, if the user concerned is defined in ACL85 as a
member, the access is permitted, and if not defined as
a member, the access is rejected. Moreover, when
access is permitted to the user concerned, the
server 55 investigates whether that user is permitted
access to the shared information or not, by confirming
whether the member concerned is included in the
specific group or not by referring to ACL85.

[0252] By the way, when a resource is shared
among multiple users, it may not be desirable to include
the administrator on the server side among the sharing
members. For example, the system administrator who
belongs to the information system division of a certain
company may be required to be unable to access the
company's personnel information, which should be shared
only within the personnel division. However, in the
system shown in Figure 51 mentioned above, the server
administrator 58 is given the privilege to set up and
administer ACL88. For that reason, the server
administrator 58 is able to gain unauthorized access to
ACL86, and there is the fault that intentional tampering
with the established contents of ACL88 cannot be
prevented. In addition, there is also the possibility
that ACL86 is tampered with by a person other than the
server administrator (a so-called cracker) who intrudes
into the server SV8 without authorization.
[0253] When application to the sharing of information
in a company is considered, it is desirable to build a
system which suits such usage well. That is to say, in
general, the organization of a company above a certain
size is formed in a hierarchical structure in the shape
of a pyramid. For example, it is very common that the 1st
personnel section and the 2nd personnel section are
installed under the personnel division, etc. Moreover, in
the development division, etc., it is considered that the
general manager of the development division has the
privilege to newly create a section, unify some sections
or abolish a certain specific section, according to the
development process of the goods. Moreover, each
section is sometimes divided into several groups by
business function.

[0254] In such a system, it is a heavy burden for the
general manager of the development division to
administer the constituent members of each section and of
all the groups belonging to each section. Therefore, in
order to distribute this administration burden, it is
often the case that several persons who assist the
general manager of the development division are assigned
and execute a part or all of his management job as his
deputies. Furthermore, it is also considered that the
general manager of the development division is given only
the privilege to create, consolidate or abolish sections,
and the section manager, or the group leaders, etc.,
under the section manager, are entrusted with the
administration inside the section and with the information
sharing itself. However, in the conventional system
mentioned above, there is the problem that flexible
administration and information sharing suited to the
organizational form of the company explained above are
not considered.
[0255] This invention has been made in view of the
points mentioned above, and its object is to offer a
team data list processing system for realizing team
hierarchization and the sharing of various kinds of
information and functions, while preventing crackers and
persons outside the team, including authorities such as
server administrators, from improperly manipulating the
team data list, the team being equivalent to an
organizational unit of a company, etc. Furthermore, in
detail, it is to offer a team data list processing system
in which only specially established persons among the
members belonging to each team can create a sub team
under the team, assign the privilege of creating the sub
team to multiple established persons, and entrust the
administration within the sub team to established persons
who are specified by those privileged to create the sub
team.
[0256] Hereafter, the Examples 4-1 to 4-4 are 
explained by referring to figures. At first, the team data 
list of this invention is explained. The team data list is 
the general term of the lists defining the information 
about the team and is for defining "aggregation of mem- 
bers" which is applied to the uses required highly confi- 
dential administration like ACL mentioned above. As 
mentioned above, in the conventional system, the infor- 
mation about the team can be modified by the terminal 
administrator, the network administrator and the server
administrator, etc. who are not the team members. On 
the other hand, in the team data list of this invention, it 
becomes possible that only the team member does the 
team administration, such as the team hierarchization 
or the modification of the team master himself, by divid- 
ing and administrating the team information to the multi- 
ple lists (an authority list, an authority data, a member 
list, team master list and an application list as men- 
tioned later). 

[0257] In the following Examples explained in detail, 
at first, it becomes to realize the structure in which the 
information sharing is done by imitating the hierarchical 
relationship in the company organization, etc., by ena- 
bling to create the sub team to the subordinate of the 
team. In the second, it becomes to realize the structure 
which can award the creation privilege of the sub team 
to the especially specified plural persons. By this way, 
the administration loading is dispersed. In the third, it 
becomes to realize the structure in which the privileged 
person of the sub team creation makes the specified 
person chosen in the sub team do the administration in 
the sub team. By this way, it enables that the team 
administrator does not participate the administration or 
the information sharing at the inside of the sub team. 

Example 4-1 

[0258] In this Example, in connection with the
hierarchized team, the persons who can access the team
data list are classified into three kinds, the member, the
sub authority, and the team master, according to the
description of the privilege, and the privilege given to
the person expands in this order. The team master is
the administrator of a certain team and has the
administrative privilege to create a sub team, which is a
subordinate organization of that team. The sub authority,
for its part, is a person who is nominated by the team
master and also has the administrative privilege to
create a sub team like the team master, but is not allowed
to nominate another person as a sub authority. There may
be two or more sub authorities in one case, and none in
another. On the other hand, the general member, who is
neither a sub authority nor the team master, is a person
who shares the information and functions but is not
given any privileges such as the sub team creation
privilege. In addition, although the sub authority and the
team master are given special privileges, their
position as members of the team does not change,
and therefore they may also be called members. In
addition, in the following explanations and figures, the
team master and the sub authority may be written
briefly as "TM8" and "sub AU5".

[0259] Hereafter, as this Example, the system 
equipped with two devices, which are the team data list 
administration device and the team data list storing 
device, is explained. Figure 37 shows the block diagram 
of the structure of the whole system of this invention, in 
which the team data list administration device and the 
team data list storing device are equipped. In this figure, 
the team data list administration device 308 and the 
team data list storing device 318 have the team data 
administration unit and the team data list storing unit 
respectively, which are explained in detail as followings, 
and the data are delivered and received each other by 
using communication facility. The team data list admin- 
istration device 308 and the team data list storing device 
318 can be realized by general computers, such as a 
work station. On the main memories on these comput- 
ers, the programs (the team data list administration pro- 
gram and the team data list storing program) are 
memorized to realize the team data list administration 
unit and team data list storing unit. 
[0260] These programs are memorized a part or all 
in a portable memory medium, such as a floppy disk, an 
IC (integrated circuit) card, an optical-magnetic disk, 
and a CD ROM (compact disk-read only memory), and 
a memory medium in which computer reading is possi- 
ble, such as the mass storage medium, for example, a 
hard disk built in a computer, etc. That is, such pro- 
grams may be ones which realize a part of the functions 
explained in detail as follows and furthermore, may also 
be ones which realize these functions by combining the 
programs which are already memorized in computers. 
Then, when the team data list administration device and 
the team data list storing device are operated, these 
programs are beforehand transmitted to the main mem- 
ory from the storing medium under the indication of 
CPU (central processing unit) on the computers. Then, 
CPU performs the transmitted programs on the main 
memory, controls each unit of the device by these pro- 
grams and realizes the various processing mentioned in 
detail as follows. 

[0261] In addition, the OS (operating system) and
hardware such as peripheral devices are included in the
"computer" referred to here. Moreover, the memory
medium which is readable by computers is not
restricted to one which statically memorizes the programs
as just described, but includes one which stores the
programs dynamically for a short time through a
communication line, such as an exclusive line or a
telephone line, etc. That is, all memories which can
store the program for a definite time are included. Such
memories are the main memory equipped in computers,
i.e., a server, a router or a gateway which stores,
transmits and relays the program and data on a network
such as the internet, etc., and the cache memory and the
volatile memory in the computers which operate as a
server and a client.

[0262] Now, the storing device 328, on which a
database can be constructed, such as a hard disk, etc.,
is connected to the team data list storing device 318
shown in Figure 37. This storing device 328 stores the
group of team data lists which consists of the authority
data 338 and the authority list 348, for every team
which consists of multiple members. Although this figure
shows only one group of the authority data 338 and the
authority list 348 for convenience of explanation, in
fact, as many of these groups exist as there are
teams. Here, Figure 38A and Figure 38B show the
detailed constructions of the authority data 338 and the
authority list 348. Moreover, Figure 38C and Figure
38D each show the notation used to show the memory
contents of the authority data 338 and the authority
list 348 simply in the figures that follow. In
addition, in the following explanations and figures, the
authority data may be written as "AUD8" and the
authority list may be written as "AULS."
[0263] The authority data 338 is the data showing
the relation between a certain team and its subordinate
sub team, and the team which is of higher order in the
relation with the sub team is called the parent team. As
shown in Figure 38A, the notation "AUD8" denotes the
authority data, and this authority data 338 includes the
team ID 33a8, which is the identifier given to the team
itself, the parent team ID 33bS, which is the team ID
given to the parent team of said team, the team
originator 33cS indicating who is the originator of this
team, the team master 33dS showing to whom among the
members of this team the team master privilege is given,
and the digital signature 33eS which is signed by the
team originator 33c8 (it is also called the electronic
signature). Moreover, from Figure 38C, it can be
understood that this authority data is about the team
1028, which is the sub team of the team 1018. In
addition, from the digital signature, it can be understood
that the team originator of this authority data is the
member B8, and it can also be understood that the team
master is the member XS.

[0264] On the other hand, the authority list 348 is the list in which the multiple administrators of each team are registered, and includes the data about the team master and the sub authorities of the concerned team. As shown in Figure 38B, the notation "AUL8" means the authority list, and this authority list 348 includes the team ID 34a8, the team master 34b8, the sub authorities 34c8 (in the case of this figure, two persons), and the digital signature 34d8 of the team master 34b8 of this team. According to Figure 38D, the team master is the member X8, whose signature is attached, and the sub authorities are the member C8 and the member D8. In addition, the notation of the team ID itself is omitted in Figure 38D. As mentioned above, the team data list of this Example has a structure divided between the AUD8, which is the list showing the relation between the parent team and the sub team, and the AUL8, which is the list about the sub team administration.

[0265] In addition, besides what is shown in Figures 38A, 38B, 38C, and 38D, the authority data 338 and the authority list 348 also include the time stamp showing the creation time of these data or lists, the signature algorithm used for creating the signatures 33e8 and 34d8, the effective period of the authority data 338 and the authority list 348 themselves, and the data about the identification number of the authority data 338 and the authority list 348, etc. Moreover, as the ID (identifier) for identifying each member, sub authority, and team master, it is possible to use various identifiers, such as the name, the mail address, the title in the organization, the personal serial number, and the digital certificate, etc.

[0266] Next, Figure 39 shows an example of the conceptual diagram of the hierarchized team. As shown in this figure, the hierarchy of the team is a tree structure like the file system of a computer; each ellipse in the figure expresses a team, and the parent team and its sub team are connected to each other by a straight line. Multiple sub teams can be registered into each team; for example, multiple sub teams, such as the 1st personnel section and the 2nd personnel section, can be registered under the team of the personnel division. Moreover, in this Example, since the team 1018, which exists at the vertex of this figure, is equivalent to the root of the tree structure, it is called "the root (RootS)" or the root team, in imitation of the root directory of a file system. Furthermore, the team 1028 and the team 1038 are both sub teams of the team 1018, and they are teams belonging to the same hierarchy level of the tree. On the other hand, the team 1048 is the sub team of the team 1038.

[0267] On the other hand, Figure 40 is the figure in which detailed values of the authority list and authority data of each team are entered, corresponding to the team hierarchy shown in Figure 39. In addition, this figure shows the example in which, other than the authority list and authority data, the member list ("ML8" in this figure), which shows the list of the members sharing the information or functions, is included in each team. That is to say, in this figure, the team data list consists of three kinds of lists: the authority list, the authority data, and the member list. In each of the member lists 101m8-104m8, the signature of the member list originator and the list of the members are shown and, besides them, various team administration information matching the purpose of the team usage is included. That is to say, the following information is included: the identification information of each member, the public key given to each member in the public key cryptography (i.e., a bit string with designated length) and the identifier of the holder corresponding to this public key (hereinafter referred to as "public key ID"), the team ID, the time stamp showing the creation time of the member list, and the information about the functions which can be used by the team members (for example, the application), etc. In addition, as the information for each member, the e-mail (electronic mail) addresses and the member's own addresses are also included in the member list, and it is possible to administrate the information resource about each member simultaneously by using this information.

[0268] According to the structure in this figure, it is possible to reach the root team 1018 from any sub team by tracing the parent team ID described in the authority data. In addition, in each team, multiple administrators can create sub teams. For example, in the team 1018, the team master A and the sub authorities B and C have the creation privilege of the sub team, and it can be understood from the signatures in the authority data 102d8 and 103d8 that the sub teams 1028 and 1038 were created by the sub authorities B and C of the team 1018, respectively.

[0269] The authority data of the concerned sub team should be created by an administrator who is registered in the parent team of said sub team. Moreover, anyone in the concerned sub team can become the team master of this sub team by the direction of the parent team administrator. For example, in the team 1048, since the digital signature of the authority data 104d8 is that of member V, the sub authority V, who is one of the administrators of the team 103d8 which is the parent team, creates the authority data 104d8 and nominates member L as the team master of the team 1048.

[0270] On the other hand, the team master of each team should create and sign the authority list. For example, the authority list 103u8 of the team 1038 is created by the member X8 who is the team master, and the digital signature of the member X8 is attached to it. Therefore, the data about the sub authorities in the authority list 103u8 can be administrated by member X8 only, and does not receive the interference of the administrators of the team 1018 which is the parent team (i.e., the team master A or the sub authorities B or C). In other words, if the signer of the authority list were the originator of the team (i.e., the team master or a sub authority of the parent team), then, for example, the personnel general manager would be unable to leave the administration of the section to the personnel section manager, and would have to administrate it himself. Similarly, since the team master of each team signs the member list, the administration of the sharing members in each team does not receive the interference of the parent team. For example, since the member list 103m8 of the team 1038 is signed by the team master X, the administrator of the parent team cannot administrate it. However, when the team master or a sub authority of the parent team modifies the initial state of the created sub team or the team master of said sub team, the signature of the authority list is the signature of the team master or the sub authority of the parent team which created said sub team.

[0271] To summarize the above points, in this Example the authority data and the authority list are separated in the structure, which means that the parent team cannot participate in the administration of the sub team: the parent team administrator cannot tamper with the authority list and member list, while the parent team can refer to the authority data AUD8 of the sub team. In this way, the team master of each team can choose the sub authorities by himself, and can also do the member administration of the information sharing in the team.

[0272] Next, in the team data list storing device 318 of Figure 37, when a request for reference, modification, or deletion of the authority data 338 or the authority list 348 is made from the client CL8 side, the permission test unit 358 identifies the claimant and judges whether the request is permitted or not. In this judgement, the privilege of the members, etc., of the team and the privilege given to the claimant himself, etc., are referred to, besides the relation between the team master or sub authority of the objective team of the request and the parent team or sub team of the concerned team. Since the processing of the judgement differs in detail according to the request contents, the detail is described later in the processing explanation. Next, when the permission test unit 358 uses the authority data 338 and authority list 348, the list storing unit 368 obtains these lists from the storing device 328, deletes these lists from the storing device 328, or stores these lists in the storing device 328. In the following explanation, whenever the permission test unit 358 accesses the authority data 338 or authority list 348, it is premised that the list storing unit 368 always intervenes; this is not stated each time, because it would complicate the explanation.

[0273] Next, in the team data list administration device 308, the list authentication unit 378 traces the authority list and the authority data of the parent teams one by one until it reaches the root team, then finally confirms the signature of team master A of the team 1018, and verifies the authenticity of the authority list and the authority data. The authentication referred to here means that there is neither tampering nor any action exceeding privilege, and that the administration of the team hierarchy is done through the right steps. Next, the AUD·AUL modification unit 388 makes modifications, such as addition, deletion, and replacement of members or administrators, to the authority data 338 and the authority list 348 which are obtained by the list authentication unit 378. In addition, the AUD·AUL modification unit 388 also newly creates the authority data 338 and the authority list 348 when a sub team is created. Next, the signing unit 398 adds the digital signature of the originator or the modifier (i.e., the team master or the sub authority) to the authority data 338 or the authority list 348 processed by the AUD·AUL modification device 388, by using a hash function together with encryption with the private key or signing key which only the modifier knows.

[0274] Next, the public key administration unit 408 accesses the public key database 418 connected to the team data list administration device 308, and obtains the public key and the public key ID corresponding to said public key. Incidentally, in an actual form, the public key database 418 may naturally be not only the local form which is directly connected with the team data list administration device 308 but also the form which exists in a server (for example, a certification office) installed on a network such as the Internet. In such a form, the public key administration device 408 can access the public key database 418 through the homepage registered by the certification office, and from there can also obtain the public key and public key ID mentioned above in the form of a file.

[0275] Next, the operation of the above-mentioned system, which has the team data list administration device 308 and team data list storing device 318, is explained for each kind of request made from the client CL8 to the server SV8.

[The creation of the sub team] 

[0276] Figure 41 shows the procedure for creating the sub team. In this case, member C, who is a sub authority of the team 1018 in Figure 40, creates under the team 1018 the sub team 1038 in which the team master is the member X. This corresponds to the deputy general manager, acting on behalf of the personnel general manager, performing the enterprise function of establishing a new section in the personnel department. Here, in the team data list storing device 318, the team data list about the team 1018, created according to the proper steps, is stored beforehand in the storing device 328, and the creation of the sub team is done within the administration architecture of the team master A of the root team 1018. In addition, as shown in Figure 40, since no parent team exists for the team 1018, the fixed value "RootS" is set as the parent team ID of the authority data 101d8, and since the team master is member A, the digital signature of the member A is attached to both the authority data 101d8 and the authority list 101u8. However, it can be considered that a virtual parent team "RootS" exists above the root team, and that this parent team has nominated the member A as the team master.

[0277] First, according to the sub team creation directive from the member C8, the team data list administration device 308 sends the sub team creation request to the team data list storing device 318 (Step S118). The team data list storing device 318 obtains the authority data 101d8 and the authority list 101u8 from the storing device 328, and sends them to the team data list administration device 308. In this case, if the team 1018 has sub teams (i.e., the team 1028 shown in Figure 40), the team data list storing device 318 also sends the team data lists about these teams to the team data list administration device 308 (Step S128).

In the team data list administration device 308, the AUD·AUL modification unit 388 creates, according to the directive from the member C8, the authority data 103d8 in which the team 1018 is set as the parent team ID, the team 1038 is set as the team ID and the member X is set as the team master, and also creates the authority list 103ua8 in which member X is set as the team master. Next, the AUD·AUL modification unit 388 puts the created authority list 103ua8 together with the authority data 103d8, and delivers them to the signing unit 398.

[0278] The signing unit 398 obtains the private key of the member C from the IC card, etc., in which the private key file and the private key are recorded, and, on the basis of this private key, attaches the digital signature of member C, who is the claimant, to the authority data 103d8 and authority list 103ua8 sent from the AUD·AUL modification unit 388. At this time, the signature of the authority list 103ua8 is the signature of the sub team originator instead of the team master X (the above is Step S138). Next, the signing unit 398 sends the authority data 103d8 and the authority list 103ua8, which were created for the team 1038, to the team data list storing device 318, and requests that they be stored (Step S148).

[0279] In the team data list storing device 318, the permission test unit 358 performs the permission test shown in the flow chart of Figure 42. First, the permission test unit 358 identifies that the claimant who made the storing request is member C (Step S318), and investigates whether the member C is the team master or a sub authority of the team 1018, on the basis of the authority data 101d8 and the authority list 101u8 of the team 1018 (Step S328). In this case, since the member C is a sub authority of the team 1018, it is judged that the storing request was made by a person having the proper permission (the decision result of this step is "YES"). When the decision result of this step is "NO", tampering or an improper act exists, and therefore the permission test unit 358 stops the processing without doing the requested storing operation.

[0280] Next, the permission test unit 358 confirms that both the authority data 103d8 and the authority list 103ua8 of the created sub team 1038 are signed by the member C, who is the claimant (Step S338). In this case, since member C has signed both as mentioned above, the decision result of this step is "YES", and the permission test unit 358 finally judges that the sub team was created with the proper permission, and stores the authority data 103d8 and the authority list 103ua8 of the created sub team in the storing device 328 (Step S348). When the decision result of Step S338 is "NO", tampering or an improper act exists, and therefore the permission test unit 358 stops the processing without doing the requested storing operation. (The processing mentioned above corresponds to Step S158 of Figure 41.) The creation of the sub team is completed with the above steps.

[0281] Then, consider the processing when an administration request, such as the setup of the information sharing members or of sub team originators having the proper permission, is made by the member X, who is the team master of the team 1038. As an example, the case in which the member W and the member V are newly registered as sub authorities of the team 1038 is explained. As shown in Figure 41, first, the team data list administration device 308 requests the team data list about the parent team 1038 from the team data list storing unit 318, based on the administration request directed by member X (Step S168). Then, on the basis of the content of the request, the team data list storing device 318 transmits to the team data list administration device 308 side, besides that of the sub team 1038, the team data lists of all parent teams up to the root team (in this case, only the team 1018, which is the root team) (Step S178). In the team data list administration device 308, the list authentication unit 378 investigates the authenticity of the transmitted lists according to the procedure shown in the flow chart of Figure 43 (Step S188).

[0282] First, the list authentication unit 378 refers to the digital signatures of the authority data 103d8 and the authority list 103ua8 of the team 1038, which is the administration object, and confirms whether tampering has been done or not (Step S418). When tampering has been done (the judgement result of this step is "NO"), it stops the processing of the administration request as being an improper act. On the other hand, when the judgement result of this step is "YES", i.e., there is no tampering, the list authentication unit 378 can confirm from the authority data 103d8 that the member X is the team master of the team 1038. Here, in the usual case, the list authentication unit 378 may confirm from the authority list 103ua8 that its signatory is the member X, who is the team master. However, as mentioned above, since this is the transitional period partway through the sub team creation and the signatory of the authority list 103ua8 is the member C8, who is the originator of the sub team, whether member C has the proper permission to create the sub team may be confirmed later, in the processing described below (Step S458), by investigating whether the member C is registered as the team master or a sub authority of the parent team 1018 (Step S428).

[0283] Next, the list authentication unit 378 learns from the parent team ID of the authority data 103d8 that the parent team is the team 1018 (Step S438), and investigates whether the authority list 101u8 of the parent team and the digital signature of the authority data 101d8 have been tampered with or not (Step S448). If either of these is found to have been tampered with (the decision result of this step is "NO"), the processing of the list authentication unit 378 is stopped by judging that an improper act was done. When the judgement of this step is "YES", i.e., there is no tampering, the list authentication unit 378 goes on to verify whether the creator of the team 1038 is the team master or a sub authority of the parent team (Step S458). In this case, it can be understood that the signer of the authority data 103d8 of the team 1038 is member C, and, from the authority list 101u8 of the team 1018 which is the parent team, that the member C has been registered as a sub authority of the parent team. Therefore, it can be verified that the team 1038 has been created by a person having the proper permission (the decision result of this step is "YES"). When the result of the judgement is "NO", the processing of the list authentication unit 378 is stopped by judging that an improper act was done.

[0284] Next, the authentication unit 378 investigates whether the team 1018, which is the parent team, is the root or not. In this case, the parent team ID of the authority data 101d8 of the team 1018 is "RootS", so it can be understood that the team 1018 is the root team (the decision result of Step S468 is "YES"). Then, the list authentication unit 378 can learn that the team master is the member A by investigating the authority data 101d8 of the team 1018. Since the authority data 101d8 and the authority list 101u8 are signed by this member A, it can be verified that the team hierarchy is administered properly under team master A (Step S478). Finally, the member X operates the team data list administration device 308 by himself, and acknowledges that the usage of the team data list, such as information sharing, and of the hierarchized team, has been done. Then, these results are transmitted to the list authentication unit 378.

[0285] According to the steps mentioned above, the list authentication unit 378 can verify that the sub authority C, who was nominated by the team master A of the team 1018, created the authority data and authority list of the team 1038, and that these data lists were obtained normally from the team data list storing device 318. Then, the list authentication unit 378 delivers the team data list transmitted from the team data list storing unit 318 to the AUD·AUL modification unit 388. In addition, in the case that the parent team is not judged to be the root team at Step S468 in Figure 43, for example, when the administration request is made for the team 1048, which is the sub team of the team 1038, the list authentication unit 378 changes the objective team to the parent team, goes up the team hierarchy by one step toward the root team (Step S498), and repeats the loop consisting of Steps S428-S468 and Step S498 until the parent team becomes the team 1018, which is the root team (the decision result of Step S468 is "YES").

[0286] Next, the AUD·AUL modification unit 388 creates the authority list 103u8, in which the member W and the member V are added as sub authorities to the authority list 103ua8 of the team 1038, and sends said authority list 103u8 to the signing unit 398 with the authority data 103d8. The signing unit 398 obtains the secret key of the team master X from the private key file, etc., mentioned above, and after attaching the signature of the team master X to the delivered authority list 103u8 (the above is Step S198), said signing unit 398 transmits said private key to the team data list storing unit 318 with the authority data 103d8, and requests the storing of these team data lists (Step S208).

[0287] In the team data list storing unit 318, the permission test unit 358 performs the permission test shown in the flow chart of Figure 44 on the storing request from the team data list administration unit 308, based on the team data list about the team 1018, which is stored in the storing device 328, and the team data list about the team 1038 transmitted from the client side. That is, at first, the permission test unit 358 identifies that the claimant who directed the storing request is the member X (Step S518), and confirms, based on the authority data 103d8 and the authority list 103u8 which have been transmitted, whether the above-mentioned claimant matches any of three persons: the team master of the team 1038, or the team master or a sub authority of the team 1018, which is the parent team. In this case, the member X, who is the claimant, is registered as the team master of the team 1038 (the decision result of Step S528 is "YES"), so the permission test unit 358 judges that the claimant has the proper permission for the storing request. If the decision result of this step is "NO", the permission test unit 358 stops the processing, as the proper permission is not granted to the claimant.

[0288] Next, the permission test unit 358 confirms whether or not the signer of the authority data 103d8 corresponds to either the team master or a sub authority of the parent team. In this case, the signer of the authority data 103d8 is the member C, who is a sub authority of the parent team 1018 (the decision result of Step S538 is "YES"), so the permission test unit 358 judges that the claimant has the proper permission for the storing request. If the decision result of this step is "NO", the permission test unit 358 stops the processing, judging that there is tampering or an improper act. Next, the permission test unit 358 confirms whether the signer of the authority list 103u8 matches the team master registered in the authority data 103d8 or not. In this case, the signer of the authority list 103u8 is the team master X whom the authority data 103d8 indicates (the decision result of Step S548 is "YES"), so the permission test unit 358 finally judges that the team 1038 was created by a person having the proper permission, stores the team data list transmitted from the team data list administration device 308 in the storing device 328, and updates the content of the team data list about the team 1038 (Step S558). If the decision result of Step S548 is "NO", the permission test unit 358 stops the processing, judging that there is tampering or an improper act, and the storing processing in Step S558 mentioned above is not done.

[0289] As mentioned above, it can be verified, based on the team data list stored on the server SV8 side, that the member X is properly nominated as the team master of the team 1038 within the administration system of the team master A of the root team (Step S218 of Figure 41).
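
The chain check of Figure 43 and the storing-side permission test of Figure 44, described above, as an added Python example that is not part of the patent text. The record classes, function names and the member M (a constructed outsider) are assumptions, and toy textbook RSA over Mersenne primes stands in for the unspecified signature algorithm; all keys and records are constructed for the demo.

```python
import hashlib
from dataclasses import dataclass
from itertools import combinations

ROOT = "RootS"  # fixed parent team ID of the root team, as on the page
E = 65537       # public exponent shared by all demo keys
# Assumption: toy textbook RSA over known Mersenne primes stands in for the
# signature algorithm. Constructed for this demo only; not secure.
_PAIRS = list(combinations([2**k - 1 for k in (61, 89, 107, 127, 521, 607)], 2))

def make_key(i):
    """Return (n, d) for the i-th demo key pair; the public key is n with E."""
    p, q = _PAIRS[i]
    return p * q, pow(E, -1, (p - 1) * (q - 1))

@dataclass
class AuthorityData:  # AUD: names the parent and team master, signed by the originator
    team: str
    parent: str
    master: str
    signer: str
    sig: int = 0
    def fields(self):
        return ("AUD", self.team, self.parent, self.master)

@dataclass
class AuthorityList:  # AUL: team master and sub authorities of one team
    team: str
    master: str
    subs: tuple
    signer: str
    sig: int = 0
    def fields(self):
        return ("AUL", self.team, self.master, ",".join(self.subs))

def _digest(rec, n):
    blob = "\x1f".join(rec.fields()).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def sign(rec, priv):
    n, d = priv[rec.signer]
    rec.sig = pow(_digest(rec, n), d, n)
    return rec

def sig_ok(rec, pub):
    n = pub.get(rec.signer)
    return n is not None and pow(rec.sig, E, n) == _digest(rec, n)

def admins(aul):
    return {aul.master, *aul.subs}

def authenticate(team, store, pub):
    """Figure 43 walk toward the root: return (True, "ok") or (False, reason)."""
    seen = set()
    while team not in seen and team in store:
        seen.add(team)
        aud, aul = store[team]
        if (aud.team, aul.team) != (team, team):  # added sanity check (assumption)
            return False, f"{team}: record filed under the wrong team"
        if not (sig_ok(aud, pub) and sig_ok(aul, pub)):
            return False, f"{team}: bad signature"
        if aud.parent == ROOT:  # root: both records signed by its own team master
            ok = aud.signer == aul.signer == aud.master
            return ok, "ok" if ok else f"{team}: root not signed by its master"
        if aud.parent not in store:
            break
        # The parent's list is itself verified on the next pass; nothing is
        # accepted until the walk ends at a properly signed root.
        parent_admins = admins(store[aud.parent][1])
        if aud.signer not in parent_admins:
            return False, f"{team}: originator is not a parent administrator"
        if aul.signer != aud.master and aul.signer not in parent_admins:
            return False, f"{team}: authority list signer not permitted"
        team = aud.parent
    return False, f"{team}: missing or cyclic hierarchy"

def permission_test(claimant, aud, aul, store, pub):
    """Figure 44 check on a storing request; claimant identity is assumed verified."""
    if aud.parent not in store or not (sig_ok(aud, pub) and sig_ok(aul, pub)):
        return False
    parent_admins = admins(store[aud.parent][1])
    if claimant != aud.master and claimant not in parent_admins:
        return False  # claimant holds no role that permits the request
    if aud.signer not in parent_admins:
        return False  # authority data must come from a parent administrator
    # Signed by the nominated master, or by a parent administrator while the
    # team is being created or its team master is being modified.
    return aul.signer == aud.master or aul.signer in parent_admins

def demo_store():  # constructed hierarchy following Figure 40: 1018 -> 1038 -> 1048
    priv = {m: make_key(i) for i, m in enumerate("ABCXVLM")}
    pub = {m: n for m, (n, _) in priv.items()}
    store = {
        "1018": (sign(AuthorityData("1018", ROOT, "A", "A"), priv),
                 sign(AuthorityList("1018", "A", ("B", "C"), "A"), priv)),
        "1038": (sign(AuthorityData("1038", "1018", "X", "C"), priv),
                 sign(AuthorityList("1038", "X", ("W", "V"), "X"), priv)),
        "1048": (sign(AuthorityData("1048", "1038", "L", "V"), priv),
                 sign(AuthorityList("1048", "L", (), "L"), priv)),
    }
    return store, pub, priv
```

Editing a stored list without re-signing it, or filing a sub team whose authority data is signed by someone outside the parent's authority list, makes `authenticate` fail for that team and for every team beneath it.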

(Modification of the team master in the sub team) 

[0290] Next, the processing steps for the modification of the team master of the sub team are explained using Figure 45. As an example, the case is explained in which the member B, who is registered as a sub authority in the team 1018, which is the root team, modifies the team master of the team 1038, which is the sub team, from the member X to the member Z. This example corresponds to the deputy personnel general manager changing the section manager in place of the personnel general manager because the 1st personnel section manager was transferred. First, the team data list administration device 308 sends the modification request for the team data list about the sub team 1038 to the team data list storing device 318 (Step S618). Thereby, the team data list storing device 318 transmits the team data list about the team 1018 and its subordinate sub teams to the team data list administration device 308 side, as in Step S128 in Figure 41 (Step S628).

[0291] In the team data list administration unit 308, the list permission test unit 378 verifies the authenticity of the transmitted team data list according to the procedure explained in Figure 43 (Step S638), and delivers the transmitted team data list to the AUD·AUL modification unit 388 when said authenticity is verified. The AUD·AUL modification unit 388 modifies the team master from member X to member Z in the authority data 103d8 among the delivered team data lists, according to the content directed by the member B, and sends this modified authority data and the delivered authority list to the signing unit 398. The signing unit 398 obtains the private key of member B from the above-mentioned private key file, etc., and attaches the digital signature to the sent team data lists. After the authority data 103db8 and authority list 103ub8 are thereby created (Step S648), these team data lists are transmitted to the team data list storing unit 318, and the storing request is made (Step S658).

[0292] In the team data list storing device 318, the permission test unit 358 performs the permission test according to the steps shown in Figure 44, on the basis of the transmitted team data list, and when the authenticity is confirmed, the transmitted team data list is stored in the storing device 328. In this case, the point of difference from the time of the sub team creation (Step S218 of Figure 41) is that, at the time of the team master modification, the member Z, who is the team master nominated in the authority data 103db8, is different from the member B, who is the signer of the authority list 103ub8 (the case where the decision result of Step S548 is "NO"). In this case, if the signer of the authority list 103ub8 matches any of team master A, sub authority B, or sub authority C, who are the administrators registered in the parent team, the permission test unit 358 judges that the authority list 103ub8 is signed by a person having the proper permission. As mentioned above, two sets of the authority list and the authority data with different creation times, i.e., the team data lists before and after the modification of the team master, are stored on the server SV8 side as the team data list about the team 1038. After that, the team data list storing device 318 transmits the authority data 103db8 and the authority list 103ub8 to the team data list administration device 308, in order to have the signature of the member Z, who is the new team master of the team 1038, attached to the authority list 103ub8 (Step S668).

[0293] In the team data list administration unit 308, after the list authentication unit 378 verifies the authenticity of the transmitted team data list according to the procedure of Figure 43, said team data list is delivered to the signing unit 398 through the AUD·AUL modification unit 388. The signing unit 398 obtains the private key of member Z from the private key file, etc., mentioned above, and, on the basis of said private key, attaches the digital signature of the member Z to the authority list 103ub8 and creates the authority list 103uc8 (Step S678). Next, the signing unit 398 transmits the created authority list 103uc8 to the team data list storing device 318 with the authority data 103db8 (Step S688). In the team data list storing device 318, the permission test unit 358 performs the permission test following the procedure of Figure 44, on the basis of the team data list which has been transmitted, and, when the authenticity is confirmed, stores the transmitted team data list in the storing device 328 and does the updating processing of the team data list about the team 1038. By the above processing, the team master has been modified through the normal steps.

(Modification of the sub authority) 

[0294] Next, the procedure for modifying the sub authority is explained with reference to Figure 46. As an example, the team master A8 of the team 1018, which is the root team, removes the creation privilege of member B8, who is registered as a sub authority in this team 1018. This corresponds to the case in which the deputy general manager is transferred, etc., so that the personnel general manager deletes this deputy general manager from the personnel department. This figure presupposes the team 1038, of which the sub authority B8 became the originator through the team master modification in Figure 45. Moreover, the figure illustrates two cases together: the case in which the team 1038 is deleted along with the deletion of the creation privilege of the sub authority B, and the case in which the team 1038 is kept. Therefore, when the member A issues the request to the team data list administration unit 308, the member A should also indicate whether the team 1038 is to be retained or not.

[0295] First, the team data list administration device 308 sends the modification request (deletion request) for the sub authority B8 registered in the team 1018 to the team data list storing device 318 (Step S718). The team data list storing device 318 then refers to the authority data of the sub teams subordinate to the team 1018, retrieves the team 1038, of which sub team B serves as the originator, and transmits the team data lists about the team 1018 and the team 1038 to the team data list administration device 308 (Step S728). In the team data list administration device 308, the list authentication unit 378 verifies the authenticity of the transmitted team data list according to the procedure explained with Figure 43, and delivers the transmitted team data list to the AUD • AUL modification unit 388 when the authentication can be verified.

[0296] Based on the instructions from member A, the AUD • AUL modification unit 388 creates, from the authority list 101u8 among the delivered team data lists, the authority list 101ub8 in which the member B has been deleted from the sub authorities (Step S738). In addition, the AUD • AUL modification unit 388 deletes the signature of the member B given to the authority data 103db8 and creates the authority data 103dc8 (Step S748). Then the AUD • AUL modification unit 388 sends the authority data 103dc8 and the authority list 103uc8 to the signing unit 398.

[0297] The signing unit 398 performs one of the following two kinds of processing according to the instructions from member A. First, if the request is to keep the team 1038, the signing unit 398 takes it that the member A has acknowledged the existence of the team 1038, obtains the private key of the member A from the private key file mentioned above, etc., and on that basis creates the authority data 103dd8 by appending the signature of the member A to the authority data 103dc8 (Step S758). Next, the signing unit 398 transmits the authority data 101d8 and 103dd8 and the authority lists 101ub8 and 103uc8 to the team data list storing device 318 and requests that these team data lists be stored (Step S768). In the team data list storing device 318, the permission test unit 358 performs the permission test according to the steps shown in Figure 44 on the basis of the transmitted team data lists, and when the authentication is confirmed, updates the content of the storing device 328 with the transmitted team data lists (Step S778).

[0298] Second, if the request is to delete the team 1038, the signing unit 398 sends the cancel command for the team 1038 to the team data list storing device 318, and also transmits the team data list about the team 1018, i.e., the authority data 101d8 and the authority list 101ub8, to the team data list storing device 318 (Step S788). In the team data list storing device 318, the permission test unit 358 can recognize the deletion of the sub authority B by checking the authority list 101u8 stored in the storing device 328 against the transmitted authority list 101ub8. In addition, from the content of the authority data 101d8 and the authority list 101ub8, the permission test unit 358 can determine that the team master is member A and that both of these team data lists are digitally signed by this member A. From these results, the permission test unit 358 judges that the team master A deleted the sub authority B8 with the proper permission, and updates the team data list of the team 1018 in the storing device 328 with the contents of the authority data 101d8 and the authority list 101ub8. Next, the permission test unit 358 deletes the authority data and the authority list about the team 1038 in the storing device 328 (Step S798). In this way, the creation privilege of the sub authority B is deleted from the team data list in the server SV8.

(Deletion of the sub team) 

[0299] Next, the procedure for deleting the sub team is explained with reference to Figure 47. As an example, the member C, who is registered as a sub authority in the team 1018, which is the root team, deletes the team 1038 created by the procedure of Figure 41 mentioned above. This corresponds to the case where the 1st personnel section under the personnel department has been abolished and the deputy general manager of the personnel division carries out the work of abolishing the section. Here, in order to delete the team 1038 by the privilege of a sub authority of the team 101, which is the parent team of the sub team 1038, the member C must prove to the team data list storing device 318 that he is the genuine member C. Therefore, the team data list administration unit 308 notifies the team data list storing unit 318 of the digital signature of the member C, as described later.

[0300] First, when the member C directs the deletion of the team 1038 to the team data list administration unit 308, the team data list administration unit 308 creates the digital signature of member C with the signing unit 398, and then transmits the set consisting of the delete command for the team 1038 by the privilege of the member C and the digital signature of the member C to the team data list storing device 318 (Step S818). As a method other than appending the digital signature, the method called the "shake-hand" or the "challenge response" (described in detail later) could also be adopted to prove identity at the time the cancel command is transferred; here, the method using the digital signature is explained first, and the "shake-hand" is explained at the end.

[0301] When the team data list storing unit 318 receives the cancel command for the team 1038 from the team data list administration unit 308, the permission test unit 358 determines, by referring to the team data lists about the team 1018 and the team 1038, that the sub authority C, who is registered in the team 1018, is the originator of the team 1038. Moreover, the permission test unit 358 verifies the signature of the member C described in the authority data 103d8 and the signature of the member C appended to the cancel command, and when these signatures match, it can confirm that the person who directs the deletion is indeed the member C. In this way, the permission test unit 358 judges that the cancel command was issued with the proper permission, and deletes the authority data 103d8 and the authority list 103u8 about the team 1038 in the storing device 328 (Step S828). The deletion of the team 1038 by the sub authority C is thus completed.

[0302] Incidentally, since the member A is the team master of the team 1018, A has the proper permission to delete the sub team 1038 in place of the sub authority C. In this case, when the member A directs the cancel command for the team 1038 to the team data list administration device 308, the team data list administration device 308 creates the digital signature of the member A with the signing unit 398, and transmits the cancel command for the team 1038 made by the privilege of the team master A, together with the digital signature of the member A, to the team data list storing unit 318 (Step S838). In the team data list storing unit 318, by referring to the team data lists about the team 1018 and the team 1038, the permission test unit 358 determines that the sub authority C registered in the team 1018 is the originator of the team 1038 and that this sub authority C was nominated as a sub authority by the team master A of the parent team 1018. Moreover, the permission test unit 358 confirms that the person who directed the deletion is indeed the member A himself by verifying the signature of the member A written in the authority data 101d8 and the signature of the member A appended to the cancel command. In this way, the permission test unit 358 judges that the cancel command was issued with the proper permission, and deletes the authority data 103d8 and the authority list 103u8 about the team 1038 in the storing device 328 (above, Step S848).

[0303] In this way, the deletion of the team 1038 by the team master A is completed. In addition, besides the members mentioned above, it is also possible, for example, for the member B, who is registered in the team 1018 as a sub authority, to delete the sub team 1038.

[0304] Finally, the details of the "hand-shake" or "challenge-response" procedure mentioned above are explained with reference to Figure 48. First, when the client CL8 accesses the server SV8, the client CL8 sends the user's name (in terms of Figure 47, the member C or the member A) and the user's public key to the server SV8 (Step S1018). The server SV generates a random number, stores it internally, encrypts the random number with the user's public key (Step S1028) and sends the encrypted data to the client CL8 as "challenge data" (Step S1038). The client CL8 decrypts the "challenge data" sent from the server SV8 with the private key corresponding to the user public key (Step S1048), and returns the decrypted data as the "challenge response" to the server SV8 (Step S1058). The server SV8 confirms the communication partner by comparing the "challenge response" sent from the client CL8 with the random number generated in Step S1028. That is, if the two match, the server can confirm that the communication partner is the person who knows the private key corresponding to the user's public key sent in step S1018 (authentication success). If they do not match, the server concludes that the communication partner may not have the proper permission (authentication failure) (above, Step S1068). Then the server SV8 informs the client CL8 of the verification result (authentication success or authentication failure) obtained at Step S1068 (Step S1078). In this way, the server SV8 side can confirm that the member C and the member A are who they claim to be, just as when the digital signature is appended.

[0305] In addition, a "user public key number" may be sent from the client CL8 to the server SV8 instead of the user public key. The user public key number is information for identifying and authenticating the user himself and is a serial number given beforehand to each user public key. In more detail, the user public key number is information corresponding to each user public key that identifies the user public key uniquely; for example, it is the serial number of the certificate included in the certificate issued by the certificate authority mentioned above. Moreover, besides the user public key number, various information that actually identifies the key originator himself, such as the ID and the name, can be used as the information for identifying and authenticating the user himself.
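
The exchange of Figure 48 in [0304], as an added Python example that is not part of the patent text: it models the server-side checks a practitioner would put around Steps S1018-S1068, namely that the public key offered must be the one already registered for the named member (the lookup that the user public key number of [0305] makes explicit) and that each random number is accepted only once. The class and function names, the textbook RSA stand-in and the sample keys are assumptions constructed for the example.

```python
"""Challenge-response of Figure 48 (Steps S1018-S1078), seen from the server.

Textbook RSA over constructed Mersenne-prime keys keeps the sketch runnable
with the standard library; it is a stand-in, not a production cipher.
"""
import hmac
import secrets

E = 65537


def make_key(p, q):
    """Return (public, private) textbook-RSA keys built from two known primes."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


# Constructed sample keys: member C (registered) and X (not a member).
C_PUB, C_PRIV = make_key(2**127 - 1, 2**89 - 1)
X_PUB, X_PRIV = make_key(2**107 - 1, 2**61 - 1)


class Server:
    def __init__(self, registered):
        self.registered = dict(registered)  # name -> public key from the team data list
        self.pending = {}                   # name -> random number awaiting a response

    def challenge(self, name, claimed_pub):
        """S1018-S1038: take name + public key, return the challenge data or None."""
        # Decrypting proves possession of *some* private key. It identifies
        # member C only if the public key is the one already registered for C.
        if self.registered.get(name) != claimed_pub:
            return None
        n, e = claimed_pub
        r = secrets.randbelow(n - 2) + 2    # fresh random number, kept server-side
        self.pending[name] = r
        return pow(r, e, n)

    def verify(self, name, response):
        """S1068: compare the response with the stored random number."""
        r = self.pending.pop(name, None)    # single use: a replay finds nothing
        if r is None or not isinstance(response, int):
            return False
        n, _ = self.registered[name]
        if not 0 <= response < n:
            return False
        size = (n.bit_length() + 7) // 8
        return hmac.compare_digest(r.to_bytes(size, "big"),
                                   response.to_bytes(size, "big"))


def respond(priv, challenge_data):
    """S1048-S1058: the client decrypts the challenge data with its private key."""
    n, d = priv
    return pow(challenge_data, d, n)


def demo():
    server = Server({"C": C_PUB})
    results = {}

    ch = server.challenge("C", C_PUB)
    answer = respond(C_PRIV, ch)
    results["genuine"] = server.verify("C", answer)
    results["replay"] = server.verify("C", answer)      # random number already used

    results["own_key"] = server.challenge("C", X_PUB)   # X offers X's key as C's

    ch = server.challenge("C", C_PUB)                   # X offers C's public key
    results["wrong_private_key"] = server.verify("C", respond(X_PRIV, ch))
    return results


if __name__ == "__main__":
    print(demo())
```

Because the client returns the decryption of data chosen by the server, a key pair used for this exchange is best kept separate from the key pair that unwraps shared secret keys.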
Example 4-2

[0306] Figure 49 shows the hierarchization of teams in this example, which realizes a form in which the applications that can be used by team members differ from team to team. In this figure, only the teams corresponding to the teams 1018-1038 in Figure 40 are shown. The authority list and the authority data are the same as shown in Figure 40, but in addition, application lists 101a8, 102a8, 103a8, which take the place of the member list and include its content, are formed in each team. That is, these application lists show the systems that can be used by the members of each team as well as the list of members belonging to that team. As for the applications, for example, the personnel administration system, the accounting system, the schedule and the file sharing system are registered in the application list 101a8 of team 1018. The list of members is the same as the member list drawn in Figure 40.

[0307] In this Example 4-2, although the formation of a team is subject to interference from the parent team, as in Example 4-1, the administration within the team can be done without interference from the parent team, since the team master of each team signs the application list. That is, the team master can decide, independently of the administrator of the parent team, which members share the applications usable in the team. For example, in the team 1028, which is a sub team of the team 1018, the application list 102a8 is signed by the member Y8, who is the team master of the team 1028, and there is no interference from the team master A8, who is the administrator of the team 1018, or from the sub authorities B8 and C8.

Example 4-3 

[0308] In this Example, as a division of administration privilege within the team for sharing information, the persons belonging to each team are categorized into three kinds, namely the member, the sub master, and the team master, in addition to the above-mentioned division into the member, the sub authority and the team master, which is made from the viewpoint of administrating the sub team. Among these, the sub master is an administrator nominated by the team master within the team; the sub master is not allowed to modify the team master, but can add, delete, and modify general members. The team master, on the other hand, can modify the sub masters and the members, and can also modify even the team master of his own team. General members, other than the sub master and the team master, are persons who share the information and the functions that are offered, and are not granted privileges such as modifying the content of the team data list. In addition, although the sub master and the team master are granted special privileges, they are still members of the team, so the sub master or the team master may sometimes be called a member.

[0309] Figure 50 shows the team hierarchization in this Example. In this figure, a team master list is further added to each team of Example 4-1 shown in Figure 40. In this way, multiple administrators can administrate the information sharing members in each team while information sharing is administrated for every team. The team master lists 101t8-104t8 in Figure 50 contain the list of the team masters and the sub masters registered in each team and the signatures of the team masters. Besides these, the team master list also includes the identification information of the team master or the sub master, the public key, the public-key ID, the team ID, and the time stamp showing the creation time of the team master list. In addition, as information about the team, the number of members of the team, the time when the team was created, and information such as the various functions that each member in the team can use (for example, the application list mentioned above) are also included in the team master list 348, and the information resources of each team can be administrated at the same time by using this information.

[0310] As for the signature of the team master, the team master of each team signs the team master list at the time of team creation, and thereafter that signature is used as the signature of the team master. As for the member list, on the other hand, since the administration privilege is given to the sub master as well as to the team master in each team, the signature of the sub master is sometimes given in addition to that of the team master. For example, the member list 101ma8 is signed by the member B8, who is registered as the sub master of the team 1018. On the other hand, when no sub master is registered in the team master list 102t8, as in the team 1028, the member B8, who is the team master, signs the member list 102ma8.

[0311] In Figure 50, since the administration privilege over the sub team and the administration privilege over the members are separated into the authority list/authority data and the team master list, different persons can be assigned as the sub authority and the sub master in each team. For example, in the team 1038, the member W and the member V are the sub authorities and the member Y and the member Z are the sub masters, so that different persons can take charge of sub team administration and member administration to distribute the load. Naturally, in practice, the sub authority and the sub master may be the same member. In this case, it is possible to make one list by unifying the authority list and the member list.

Example 4-4

[0312] In each Example mentioned above, whenever the team data list is used, the user needs to confirm, on the client CL5 side, whether the team master is really the team master of the user's own team. For example, the following message is displayed on the display of the computer that comprises the team data list administration device 308.

"This list is administrated normally by the following members who became the administrators.
Identifier: Member A.
Organization: MITSUBISHI MATERIALS CORP.
When you continue the working, please click O.K. button by a mouse."

[0313] Since the user needs to confirm this message visually, the user may well find it troublesome. To improve on this point, the following units are added as new units that cooperate with the list permission test unit 378, or are incorporated as part of the list permission test unit 378.

[0314] That is, the public key of the team master of the root team 1018 is registered beforehand for every team, for example in the public-key database 418 (refer to Figure 37) on the client CL8 side; the public key administration unit 408 then obtains the public key of the team master of the team 1018 from the public-key database 418 and notifies the list permission test unit 378 of that key. Alternatively, the serial number for identifying the public key, etc., is first registered in the public-key database 418 as the information about the public key; after the public key administration unit 408 obtains that serial number from the public-key database 418, it separately obtains, on the basis of the serial number, the public key registered outside the team data list administration unit 308 (for example, on the internet) and delivers that public key to the list permission test unit 378.

[0315] The list permission test unit 378, instead of displaying the message mentioned above on the computer display, checks the digital signature of the team master included in the authority data 101d8 transmitted from the team data list storing device 318, on the basis of the public key of the team master of team 1018 notified from the public key administration unit 408, and judges whether that digital signature is the signature of the registered team master. In this way, the user can verify the proper permission of the team master of the root team 1018 without confirming it visually on the display. In addition, of course, various information besides the public key can be used as the information for confirming the team master.

[0316] As mentioned above, on the record medium recording the team data list administration program, which administrates the team data list for hierarchizing teams, the team data list administration program makes the computer perform the following processing.

(1) Processing which issues the operation request for the above-mentioned team data list to the designated claimant.

(2) Processing which obtains the team data list, which has the authority data, including the identifier indicating the parent team of the own team and the digital signature of the administrator of the parent team, and the authority list, including the administrator information about the persons holding administration privilege over the sub team and the digital signature of the team master, who is the administrator of the own team, or of the administrator of the parent team.

(3) The permission test processing, which confirms the user's acknowledgement of the above-mentioned team master of the root team, after confirming, by using the above-mentioned administrator information, that the digital signature of the above-mentioned team data list has not been tampered with and is the signature of a person having the proper permission, while following each team up to the root team by using the above-mentioned identifier.

(4) The modification processing which applies the modification according to the above-mentioned operation request to the above-mentioned team data list whose authentication was confirmed by this permission test processing.

(5) Processing which creates the digital signature of the person who directed the above-mentioned operation request, appends that digital signature to the team data list modified by the above-mentioned modification processing, and sends it to the above-mentioned request source.

[0317] Moreover, in the above-mentioned team data list administration program, the above-mentioned permission test processing may also use, as the above-mentioned administrator information, the information about the one or more sub authorities who have the administration privilege over the sub team and are nominated from the members of the own team by the above-mentioned team master, and the information about the above-mentioned team master, who has the administration privilege over the sub authorities in addition to the sub authority's privilege.

[0318] Moreover, the above-mentioned team data list administration program may also make the computer perform processing which obtains, from the designated place where it was registered beforehand, the identification information for identifying the team master of the root team mentioned above, and which confirms, by using that pre-registered identification information, that the digital signature of the authority data is the digital signature of the above-mentioned team master, whenever the authority data of the above-mentioned root team are sent from the above-mentioned claimant.
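
The automatic check of [0314]-[0318], as an added Python example that is not the patent's own code: it follows the parent identifier from a sub team to the root team, accepts each authority data and authority list only when a permitted administrator signed it, and verifies the root team against a key registered beforehand on the client. The record layout, names, textbook RSA signatures and sample keys are assumptions constructed for the example; the last case shows that a completely re-signed set of lists passes if the root key is taken from the record itself.

```python
"""Follow a team's data list up to the root team and check it against a
pre-registered root key. Record layout and textbook-RSA signatures over
constructed Mersenne-prime keys are assumptions so the sketch runs offline."""
import copy
import hashlib
import json

E = 65537

def make_key(p, q):
    """(public, private) textbook-RSA pair from two known primes; toy only."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(body, n):
    blob = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def verify(pub, body, sig):
    n, e = pub
    return isinstance(sig, int) and 0 <= sig < n and pow(sig, e, n) == digest(body, n)

def signed(body, who):
    """who = (name, public key, private key); attach signer name and signature."""
    n, d = who[2]
    return {"body": body, "signer": who[0], "sig": pow(digest(body, n), d, n)}

def make_team(team_id, parent, master, subs, data_signer, list_signer):
    data = {"team": team_id, "parent": parent, "master": [master[0], master[1]]}
    alist = {"team": team_id, "subs": {s[0]: s[1] for s in subs}}
    return {"data": signed(data, data_signer), "list": signed(alist, list_signer)}

def admins_of(team):
    """Team master and sub authorities of a team, as name -> public key."""
    name, key = team["data"]["body"]["master"]
    return {**team["list"]["body"]["subs"], name: key}

def verify_chain(store, team_id, pinned_root_key):
    """Return (ok, reason) after following parent identifiers up to the root."""
    seen = set()
    while team_id in store and team_id not in seen:
        seen.add(team_id)
        data, alist = store[team_id]["data"], store[team_id]["list"]
        if data["body"]["team"] != team_id or alist["body"]["team"] != team_id:
            return False, f"team {team_id}: record belongs to another team"
        parent = data["body"]["parent"]
        master, master_key = data["body"]["master"]
        if parent is None:
            # Root team: the key inside the record is not trusted; only the
            # key registered beforehand on the client may vouch for it.
            data_signers = list_signers = {master: pinned_root_key}
        elif parent in store:
            data_signers = admins_of(store[parent])
            list_signers = {**data_signers, master: master_key}
        else:
            break
        for rec, allowed, what in ((data, data_signers, "authority data"),
                                   (alist, list_signers, "authority list")):
            key = allowed.get(rec["signer"])
            if key is None or not verify(key, rec["body"], rec["sig"]):
                return False, f"team {team_id}: {what} lacks a permitted signature"
        if parent is None:
            return True, "verified up to the pre-registered root team master"
        team_id = parent
    return False, "parent chain is broken or loops"

def build(root_master, sub_authority, sub_master):
    """Root team 101, and sub team 103 created by a sub authority of 101."""
    return {
        "101": make_team("101", None, root_master, [sub_authority],
                         root_master, root_master),
        "103": make_team("103", "101", sub_master, [], sub_authority, sub_master),
    }

# Constructed sample keys and records.
A = ("A", *make_key(2**521 - 1, 2**607 - 1))
B = ("B", *make_key(2**127 - 1, 2**1279 - 1))
Z = ("Z", *make_key(2**107 - 1, 2**2203 - 1))
M = make_key(2**89 - 1, 2**2281 - 1)     # holder of write access to the server
GENUINE = build(A, B, Z)
# Every record rebuilt and re-signed with M's key under the original names.
FORGED = build(("A", *M), ("B", *M), ("Z", *M))

def demo():
    edited = copy.deepcopy(GENUINE)
    edited["103"]["list"]["body"]["subs"]["W"] = M[0]   # changed without re-signing
    carried_key = FORGED["101"]["data"]["body"]["master"][1]
    return {"genuine": verify_chain(GENUINE, "103", A[1])[0],
            "edited": verify_chain(edited, "103", A[1])[0],
            "forged_pinned": verify_chain(FORGED, "103", A[1])[0],
            "forged_unpinned": verify_chain(FORGED, "103", carried_key)[0]}
```
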
[0319] On the other hand, on the record medium recording the team data list storing program, which stores the team data list for hierarchizing teams, the team data list storing program makes the computer perform the following processing.

(1) Processing which stores beforehand, for every team, the authority data, which includes the identifier indicating the parent team of the own team and the digital signature of the above-mentioned administrator of the parent team.

(2) Processing which stores beforehand, for every team, the authority list, which includes the administrator information about the persons holding administration privilege over the sub teams under the own team's administration, and the digital signature of the team master, who is the administrator of the own team, or of the administrator of the above-mentioned parent team.

(3) The permission test processing, which comprises the following processing:

the processing which confirms, by using the above-mentioned administrator information, that the designated claimant has the proper permission, when an operation request for the team data list, which includes at least the above-mentioned authority data and the above-mentioned authority list, is made by the designated claimant;

the processing which returns the requested team data list to the above-mentioned claimant, or deletes it, when the above-mentioned operation request is a reference request or a deletion request;

the processing which, when the operation request is an update request, updates the stored authority data and authority list on the basis of the sent team data list, after confirming, by using the above-mentioned administrator information, that the digital signature of the team data list from the above-mentioned claimant was made by a claimant having the proper permission.

[0320] Moreover, in the above-mentioned team data list storing program, the above-mentioned permission test processing may also use, as the above-mentioned administrator information, the information about one or more sub authorities nominated by the above-mentioned team master from the members of the own team, and the information about the above-mentioned team master, who has the administration privilege over the sub authorities in addition to the sub authority's privilege.

[0321] As explained above, the invention of Example 4-1 to 4-4 has the following effects.

[0322] In this invention, a sub team can be created under each team by using the team data list, which includes the authority list and the authority data, and hierarchized teams can be created. Moreover, the user can confirm the proper permission of the team data list of each team, from the team targeted for operation up to the root team, by confirming only the signature of the team master of the root team. Furthermore, anyone can become a team master who administrates a sub team at the direction of the administrator of the parent team.

[0323] Moreover, in this invention, the team data list is divided into the authority data, which is under the administration of the parent team, and the authority list, which concerns the administration of the own team. The team master of each team can administrate the information sharing members within his own team without interference from the parent team. On the other hand, the administrator of the parent team no longer needs to take part in the administration of the sub team.

[0324] Moreover, in this invention, since the team data list includes the digital signature of a person who has the proper permission, unjust acts such as tampering can be detected. Moreover, in this invention, when an operation request for the team data list is made, the permission test, i.e., the judgement of whether the claimant has the proper permission, is performed, so that unfair practice by a person who does not have the privilege, such as the administrator of the server, a general member of the team, or a cracker, can be prevented.

[0325] Moreover, in this invention, the team master and one or more specially specified sub authorities are granted the administration privilege over the sub team, the team master can assign the sub authorities by himself, and since multiple administrators can administrate the sub team, the administration burden is distributed.

[0326] Moreover, in this invention, the identification information for identifying and authenticating the team master of the root team, such as the public key, is registered beforehand, and the team master of the root team is confirmed on the basis of this identification information, so that the user no longer has to perform the troublesome work of confirming visually by himself whenever he operates the team data list, and the team master of the root team can be recognized automatically.
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Example 5 

[0327] The invention shown in Example 5-1 a to 5- 
4a, Example 5-1 b to 5-3b, Example 5-1 c to 5-5c, and 
Example 5-1 d to 5-6d relates a broadcast communica- 5 
tion system which prevents the injustice by the adminis- 
trator in the information relay device used in a broad 
cast communication, in a field of the broadcast commu- 
nication using computer net works. 

[0328] The following technologies are known in relation to the invention shown in Example 5-1a to 5-4a, Example 5-1b to 5-3b, Example 5-1c to 5-5c, and Example 5-1d to 5-6d.

Recently, with the spread of open networks such as the Internet, broadcast communication has become possible not only within a LAN belonging to a company organization but also among various members connected to the Internet. Broadcast communication is communication which aims to transmit the same information to many terminals on the communication network at once; in an e-mail system, for example, broadcast communication is realized by using mailing lists. A real-time chat can be listed as another example of broadcast communication.

[0329] In the general form of broadcast communication realized at present, a sender terminal transmits a broadcast communication message to a message broadcast device which administrates the group (the destination list) of recipients (the persons to whom the message is distributed). The message broadcast device then replicates the message as many times as there are recipients and sends these copies to each recipient of the broadcast communication. For example, in the e-mail system in Figure 64, broadcast communication is realized by sending the message to the mailing list administration host (Server A), which administrates the mailing list (ListOI), i.e., the group of recipients; this host copies the message and sends it to each recipient (User A, User B, User C) listed in the mailing list.

[0330] However, in a broadcast communication system constructed on the open network architecture mentioned above, there are always problems such as peeping at the message delivered to each recipient and leakage of confidential information to outsiders. In view of these problems, the need for confidential information transmission on the network, such as EDI (Electronic Data Interchange) and EC (Electronic Commerce), is increasing, and research and development on upgrading the security of broadcast communication systems by using encryption technology has also been carried out to date.

[0331] As a broadcast communication system which upgrades security by using encryption technology, there is the broadcast system disclosed in patent application No. Hei 6-152592. That invention discloses an encryption communication system which can share the data key with one or more specified communication partners, by creating an encrypted key based on the address information which specifies the data key used in encryption and on the master key commonly used in the system, and then transmitting and receiving this information and said encrypted key between the communication partners.

[0332] However, to use this system, it is necessary to specify the group members and to deliver a memory medium, such as an IC card, to each member for encrypted communication in the group. In conventional broadcast communication (for example, a mailing list), the members of the group change dynamically through secession or admission, and the addresses to which information is delivered vary at any time; it is therefore desirable that encrypted broadcast communication also accommodate such withdrawal and admission.

[0333] Next, the broadcast communication system disclosed in patent application No. Hei 7-245605, shown in Figure 65, can flexibly accommodate the admission or secession of members. The encrypted message broadcast device (Server A) in this broadcast communication system comprises the encryption calculation unit, which decrypts the encrypted message received from the sending member (©) or encrypts the information to be sent to the receiving members ((g)); the secret private key for decrypting the encrypted message; and the key storing unit, which stores the respective public keys for encryption corresponding to each member (User A, User B, User C).

[0334] However, the administrator of this message broadcast device, or a person granted the privilege by said administrator, can peep at the content of the encrypted communication even if they are not members of the broadcast communication. Therefore, when the administrator of the message broadcast device is malicious, there is a danger that the confidential message transmitted in the encrypted communication is leaked.

For example, information about a merger and acquisition between companies is deemed to be a confidential message broadcast between companies. This message is information which must not be leaked to the administrator of the message broadcast device, who is influenced by said information. Moreover, this message broadcast device necessarily decrypts and encrypts the encrypted message. Such encryption/decryption is complicated processing and requires large capacity. Therefore, when many encrypted messages arrive simultaneously at the message broadcast device, there is a danger that the broadcast communication is delayed, or that operation stops because the capacity of said message broadcast device is exceeded.
[0335] In order to carry out broadcast communication of confidential information, whose leakage would cause great damage to companies, organizations or persons, only among a restricted set of members, a broadcast communication system which resolves the following subjects should be realized.

(1) A system should be realized in which even the administrator cannot peep at the content of the encrypted broadcast communication, and said content can be seen only by the members who truly share the information.

(2) A system should be realized which can respond rapidly to the secession and admission of recipients of the broadcast communication, and which can prevent a message from being transmitted in error to a member to whom it should not be sent when the broadcast communication members change dynamically.

(3) The server administrator does not administrate the destination members of the broadcast communication; instead, the destination members are administrated from among the members who belong to the broadcast communication. Furthermore, the administration load concentrated on the administrator of the members is relieved as much as possible.

(4) In order to transmit secret information, a system should be established on which each of many recipients can surely receive the information.

[0336] The invention shown in Example 5-1a to 5-4a, Example 5-1b to 5-3b, Example 5-1c to 5-5c, and Example 5-1d to 5-6d was made in consideration of the points mentioned above, and offers a broadcast communication system which resolves the subjects mentioned above, comprising the member list administration unit, the encrypted message generating device, the message broadcast device, the encrypted message decrypting device, and a memory medium storing the program which realizes those devices on computers.

[0337] First, before each operation form of the member list administration device, the encrypted message generating device, the message broadcast device and the encrypted message decrypting device which make up the broadcast communication system of the invention of Example 5-1a to 5-4a, Example 5-1b to 5-3b, Example 5-1c to 5-5c, and Example 5-1d to 5-6d is explained, the basic technical policy and the technical terms of this invention are explained.

[0338] The outline of the broadcast communication system of this invention is shown in Fig. 52. The operation forms of each device making up the broadcast communication system of this invention are explained in detail later.

[0339] As mentioned above, in conventional broadcast communication, the configuration of the distribution members (recipients) stored in the message broadcast device (server) was mainly administrated by the server administrator or a person to whom the privilege was transferred by the server administrator. However, when confidential information is broadcast, the server administrator may end up administrating a broadcast communication which the server administrator should not administrate.

[0340] Therefore, in this invention, the distribution member list (hereinafter referred to as the member list) is administrated not by the server administrator but by an administrator from among the broadcast communication members (hereinafter referred to as the team master), and a system in which this member list cannot be tampered with by others is offered. The member list is shared safely and reliably by the members included in it, the content of a broadcast communication message sent by a member is encrypted, and the members of the broadcast communication can receive the confidential message safely and reliably, without said message being leaked.

[0341] First, in order to carry out broadcast communication of confidential messages safely and reliably, it is necessary to build a system which identifies and authenticates the member who becomes the communication partner. In this invention, the principal is identified by the fact that the private key in public key cryptography (for example, RSA (Rivest-Shamir-Adleman) cryptography or elliptic curve cryptography) is used only by said principal. Therefore, at least the public key corresponding to the private key is included in the member list of this invention. Moreover, in order to administrate the member list safely and to prevent tampering by others, the digital signature of the team master is attached.

[0342] Although the member list is generally administrated by the team master, when, for example, there are so many members of the broadcast communication that they cannot be administrated by one administrator, said member list may be divided into multiple lists and administrated by the multiple administrators included in the team master list (the team master and the sub masters who are given the privilege by the team master). As shown in Fig. 53, the general member list comprises the team name, the name or the identifier of the member X who is the team master, the member Y who is the member of the team, the name or the identifier of the member B, and the digital signature (electronic signature) of the team master X on this member list. Moreover, as mentioned above, when the member list consists of multiple lists, an example in which it is divided into 2 lists, i.e., the team master list in which the administrator of the team 101e is registered and the member list in which the broadcast communication members are registered, is shown in Figure 54.

In this example, the authenticity of the member list can be confirmed not only by the digital signature of the team master X but also by the digital signatures of the sub masters Y and Z.

[0343] In this case, first, the digital signature of the member list is used to verify whether the member list has been tampered with, and the signer (in this example, member X) is identified. Next, the digital signature of the team master list is used to verify whether the team master list has been tampered with, and it is further confirmed whether the signer of the team master list is the rightful team master of this team. Finally, it is verified whether the signer of the member list is registered in the team master list as an administrator of the team. In the example of Figure 54, since the member X is registered as the team master, the member X can be judged to be the proper signer. Moreover, even when the signature of the member Y is appended to the member list, the member Y can be judged to be a proper signer (in this case, the sub master, written as "sub." in Figure 54) to whom the administration privilege was transferred from member X, so that the member Y can be authenticated.

[0344] Moreover, the member list may also be a list in which multiple public keys can be registered for one member. For example, when 2 different key pairs are used, i.e., a public/private key pair for encryption/decryption processing and a public/private key pair for digital signing/verification processing, the 2 public keys are registered for each member.

[0345] Moreover, although the public key is registered in the member list, a digital certificate issued by a certificate authority (for example, a digital certificate according to the X.509 format; hereinafter referred to as the certificate) can be used as this public key. Alternatively, information which uniquely identifies the public key may be registered in the member list instead of the key itself. In this case, when each member already holds the public key itself, if the information identifying the public key is included in the member list (for example, the message digest obtained by digesting the given serial No., the certificate authority name and the certificate with the hashing function, when the public key included in a certificate issued by a trusted certificate authority is used), each member can select or retrieve the actual public key to use for encryption after receiving said member list. For example, when the certificate authority name and the serial No. are included in the member list, the certificate having this certificate authority name and serial No. is first searched for among the multiple certificates stored in the memory medium connected to the terminal, and when said certificate does not exist in said memory medium, the certificate with this serial No. may be retrieved by asking the certificate authority of this name.

[0346] In the following, each operation form of the member list administration device, the encrypted message generating device, the message broadcast device, and the encrypted message decrypting device which make up the broadcast system of this invention of Example 5-1a to 5-4a, 5-1b to 5-3b, 5-1c to 5-5c, and 5-1d to 5-6d is explained in order with reference to the drawings.

[0347] Figure 55 shows Example 5-1a to 5-4a of the member list administration device of this invention together.

Example 5-1a

[0348] First, Example 5-1a of the member list administration device 1e is explained. In order to administrate the member list, this operation form comprises the list creation unit 1ae, which creates the member list including the public keys of the one or more members who take part in the broadcast communication, and the public key administration unit 1be, which retrieves and stores the public keys to be included in the member list.

[0349] First, the team master inputs the designated items (the members' information, etc.) for creating the member list by using the member list administration unit 1e. After the data is input, as shown in Figure 56, the list creation unit 1ae chooses the public keys of the members to be registered (Step S1e). For example, when the member list shown in Fig. 53 is created, the public keys of the members X, Y, B are chosen. Then the message digest of the member list is created by using a hash function (for example, MD5, SHA-1, etc.) (Step S2e). The digital signature, which is created by encrypting the created message digest with the private key of the team master (for example, using RSA and DSA), is then attached to the member list (Step S3e; the digital signature of X is attached in the example of Figure 53). With this construction, there is no fear of tampering with the member list even if a terminal (not shown) other than the message broadcast device mentioned later is used as the member list administration device 1e. If the member list is actually tampered with, the tampering can be detected by verifying the authenticity of the member list, so use of the tampered member list can be stopped.

Example 5-2a

[0350] Next, Example 5-2a of the member list administration device 1e is the structure in which the list retrieval and storing unit 1ce is added to the member list administration unit 1e of Example 5-1a. The list retrieval and storing unit 1ce operates not only to retrieve and store the member list in the memory medium connected to the member list administration device 1e, but also to access a terminal (for example, a server) or a database (not shown in the figure) in order to retrieve or store the member list there.

[0351] The reason for taking this structure is that, when a certain team master administrates the member list, it is safer to store the member list not in the terminal of the team master but in a safe terminal on the network (for example, a server) or a database, since a failure may occur at said terminal of the team master, or the member list may be deleted accidentally.

[0352] Moreover, there is also a form in which the member list is administrated by multiple administrators (the team master and multiple sub masters), in order to decrease the administration load of the broadcast communication which concentrates on one administrator and to prevent failures beforehand. In this case, so that the administrators do not use different versions of the member list, more reliable broadcast communication can be realized by storing the member list in a terminal or database which each of said administrators can access.

[0353] The broadcast communication system of this invention prevents leakage of the message outside the broadcast communication members (for example, leakage to the server manager) by encrypting with the public keys included in the member list. Therefore, it is necessary to verify, in the member list administration device 1e, whether the member list is administrated authentically.
Verifying the authenticity here means confirming the following states.

(1) The member list has not been tampered with by a person who does not have proper permission.

(2) The person who created the member list is the proper team master of the team doing the broadcast communication.

[0354] For example, the state of (1) can be verified by the following steps.

First, the digital signature attached to the member list (the digital signature of the member X in the example of Figure 53) is decrypted to retrieve the message digest of the member list.

Next, a message digest is obtained by digesting the member list (the list whose content includes the team 101e, the member X, the member Y, .... the member B in the example of Figure 53) with the same hash function that was used when the member list was created.

Finally, these two message digests are compared.

Moreover, the state (2) can be verified, for example, by displaying the name of the signer of the member list (for example, the name written in a certificate in the X.509 format) on the screen so that it is confirmed by the users of the member list.

[0355] The list retrieval and storing unit 1ce has a unit which creates and stores a correspondence table associating the information identifying a member list with the team master who administrates said member list. The list retrieval and storing unit 1ce also has a unit which, when confirming the authenticity of the digital signature attached to the member list, can judge whether the digital signature is that of the proper team master by checking the correspondence table mentioned above. The list retrieval and storing unit 1ce can authenticate the member list by using these units.

[0356] Moreover, when the correspondence table is created, for a member list retrieved for the first time, the verification can be done, for example, by displaying the member list on the screen so that the member list user confirms the team master. When an affirmative directive is given here (when this team master is recognized as the signer of the member list), a further additional unit adds to the table the information which identifies the member list (the team name, i.e., the team 101e, in the example in Figure 53) and the team master who administrates the member list (the team master, i.e., the member X, in the example in Figure 53), so that authentication is done automatically from the 2nd time onward.

The unit described above for verifying the authenticity of the member list is also provided in the encrypted message generation device, the encrypted message decrypting device and the message broadcast device, which are mentioned later, and operates when the member list is retrieved or used.

Example 5-3a 

[0357] Next, as Example 5-3a of the member list administration device 1e, the structure in which the list transmit unit 1de is further added to the member list administration device 1e of Example 5-1a or Example, is explained.

The list transmit unit 1de operates to transmit the member list to the terminals used by the members included in the member list.

With this structure, the newest member list can be quickly and correctly shared among the members of the member list.

[0358] Moreover, the team master further has to modify the destination list which is referred to when the message broadcast unit re-distributes the message. The mechanism for modifying this destination list varies with the kind and the structure of the message broadcast device. For example, the structures and protocols of the device differ between a voice chat broadcast system and a mail broadcast system. In the member list administration device 1e of this example, a unit to modify the destination list can be further added, so that the operation method does not vary with the system in use and the members included in the member list become the same as the members included in the destination list. The simplest example of the unit to modify the destination list is the method in which the member list is transmitted from the list transmit unit 1de of this Example to the message broadcast device and is used as the destination list at said message broadcast device.

Example 5-4a 

[0359] As Example 5-4a of the member list administration device of this invention, the structure in which the subscription unit 1ee is further added to the member list administration device 1e of Example 5-1a or Example 5-3a is explained.

[0360] In order to receive subscriptions to the member list of the broadcast communication, the subscription unit 1ee comprises:

the subscription item setting unit, in which the team master of the broadcast communication sets the subscription items for the destination list of the particular broadcast communication;

the subscription item presentation unit, which presents the items that the subscription claimant should fulfill when a subscription request is received;

and the subscription license judgment unit, which judges whether the subscription is permitted or not when the subscription transmitted by the subscription claimant fulfills the subscription items.

[0361] Moreover, when verifying whether a subscription is correct, the subscription unit 1ee of this Example verifies it by querying a database or server set up on the network. For example, when a credit card number is written in the subscription items, the validity of said credit card number can be verified by accessing the terminal operated by the credit card company. And when a certificate is included in the subscription mentioned above, said certificate can be verified by accessing the certificate database operated by the certificate authority.

[0362] Automatic subscription of recipients to the broadcast communication can be realized with the above-mentioned units of the subscription unit 1ee. As one example of automatic subscription realized at present, there are systems in which the subscription process for a mailing list is automated, so that a user who registers on a WWW page joins the mailing list automatically. However, present mailing lists automate a process started with the privilege of the administrator of the message broadcast device, and in the present automation process the administrator of the message broadcast device merely offers a structure in which the destination members can be set up freely. The subscription device 1ee of this Example is for preventing improper acts by a malicious administrator of the message broadcast device and the like, and for offering an automatic subscription structure with higher safety.

[0363] Here, it is more desirable to use a public key or private key only after verifying whether the public key or private key included in the member list really is the principal's key, whether its usage period, if one was set, has expired, and whether the private key has already been leaked. Therefore, in each operation form of the member list administration device 1e, the validity of the public key, or of the private key used for the digital signature, may be verified by referring to a database on the network, such as a directory database, in which the status indicating the validity and reliability of public keys issued by certificate authorities and service companies is registered, using a protocol which is the same as or different from that of the broadcast communication (for example, LDAP (Lightweight Directory Access Protocol), OCSP (Online Certificate Status Protocol), etc., when SMTP (Simple Mail Transfer Protocol) is used in the broadcast communication).

[0364] The unit explained here, which verifies the validity of the public key or of the private key used for the digital signature, is also effective for confirming digital signatures and administrating the member list when it is provided in each of the below-mentioned encrypted message creation device, message broadcast device, and encrypted message decrypting device.

[0365] The forms of each Example of the member list administration unit of this invention have been explained above.

[0366] Next, the operation forms of the encrypted message generating device of this invention are explained. Figure 57 shows the operation forms of Example 5-1b to Example 5-3b of the encrypted message generating device of this invention together.

Example 5-1b

[0367] The operation form of Example 5-1b of the encrypted message generating device of this invention comprises the list retrieval and storing unit 2ae, which retrieves and stores the member list through the network, and the encryption unit 2be, which creates the encrypted message.

[0368] The list retrieval and storing unit 2ae retrieves the member list, which is stored in the resource database arranged on the network, by using a protocol which is the same as or different from that of the broadcast communication (for example, HTTP, etc., when SMTP is used in the broadcast communication). Alternatively, the list retrieval and storing unit 2ae stores the transmitted member list in the memory device (not shown), and retrieves the member list by reading it from the storing place when it is required.

[0369] Moreover, when the encrypted message generating device 2e has already stored the member list, the list retrieval and storing unit 2ae operates to confirm whether the member list is the newest version. For example, it queries the database arranged on the network, in which the information about the newest version of the member list is stored, for the version of the newest member list, by using a protocol which is the same as or different from that of the broadcast communication (for example, LDAP, OCSP, etc. when SMTP is used in the broadcast communication). Moreover, the list retrieval and storing unit 2ae has the unit to verify the authenticity of the member list explained in the Example of the above-mentioned member list administration device 1e, and verifies the authenticity of the member list when the member list is retrieved. In addition, the memory unit (not shown) comprises a nonvolatile memory device, such as EEPROM, a hard disk, or a magneto-optical disk.

[0370] Next, as shown in Figure 58, the encryption unit 2be receives the broadcast communication message (the plain message) and the member list retrieved by the list retrieval and storing unit 2ae, and encrypts the broadcast communication message with secret key cryptography (for example, cryptography which uses the same key for encryption and decryption, such as DES) to create the encrypted message.

Then the encrypted secret keys are created by encrypting the secret key used to generate the encrypted message with public key cryptography (for example, RSA cryptography), using the public key of each member included in the member list. If there are three members at this time, three encrypted secret keys are created.

[0371] Furthermore, the key selection information for selecting, from among the multiple encrypted secret keys, the encrypted secret key corresponding to the destination member is created. As this key selection information, for example, a table indicating the correspondence between the member names and the encrypted secret keys may be used.

[0372] Moreover, the broadcast communication message is digested by using a hash function, and the digital signature encrypted with the sender's private key is affixed. This digital signature makes it possible to prevent tampering and to confirm the sender.

[0373] As the encryption information, the encryption unit 2be outputs the encrypted message, the encrypted secret keys, the key selection information, and the digital signature.
In addition, in the broadcast communication system, this encrypted message generation device 2e is used at the sender side terminal.



Example 5-2b 

[0374] Next, the Example 5-2b of the encrypted
message creation device 2e takes the structure which is
further equipped with the destination checking unit 2ce in
the Example 5-1b as shown in Figure 57.
The destination checking unit 2ce checks the recipient 
of the broadcast communication message, and only 
when the message broadcast device is the recipient 
and the member list used for the broadcast communica- 
tion can be retrieved, said destination checking unit 2ce 
operates to deliver the broadcast communication mes- 
sage to the encryption unit 2be. 

By comprising this destination checking unit 2ce, the 
encrypted message generating device 2e can be imple- 
mented only for the encryption operation and therefore, 
the generation of the broadcast communication mes- 
sage itself can be done with a general message gener- 
ating device (a word processor, a mailer, a chat client, 
etc.). 

[0375] For example, when the encrypted message 
generating device 2e is realized as a plug-in software of 
the mailer, the text of the mail and the creation of the 
attachment file can use the unit of the conventional 
mailer. The plug-in software as the encrypted message 
generating device 2e checks the destination address 
before the mail sending, and when the address of the 
mailing list server is the destination, the said encrypted 
message generating device 2e retrieves the member list 
corresponding to this address, and does the above- 
mentioned encryption to create the encrypted message 
by using the public key included in the member list. This 
encrypted message is transmitted to the mailing list 
server by using the communication facility that the con- 
ventional mail uses (for example, communication facility 
which used SMTP as the protocol). 
In addition, the encrypted message generation device 
2e of this Example may further be equipped with the 
exclusive broadcast communication message generat- 
ing unit (not shown) which creates the broadcast com- 
munication message. 

Example 5-3b 

[0376] Next, the Example 5-3b of the encrypted
message device 2e takes the structure which is further
equipped with the multiple parts sending unit 2de in the
form of Example 5-1b or Example 5-2b as shown in
Figure 57.

In this Example, when the broadcast communication
message consists of multiple parts, the encryption
unit 2be performs the above-mentioned encryption
operation for each part, to create the encrypted message.
And, as shown in Figure 59, when the broadcast
communication message consists of multiple parts,
the multiple part sending unit 2de operates so that some of
the parts are transmitted to the information storing unit
5e, which can be checked from the message broadcast device,
according to the receiving capacity of the message
broadcast unit. In this case, the optimum protocol for the
sending of each part can be used. For example, a
real-time communications protocol is used for a voice chat,
and a file transfer protocol is used for the transfer of the
file.

[0377] In addition, the multiple part sending unit 2de
can know the information storing device 5e, which can
be checked from the message broadcast device 4e and
to which it is permitted to transmit the part of the
broadcast communication message, by asking the resource
database arranged on the network or said message
broadcast device 4e. Moreover, as another method,
the multiple part sending unit 2de can also know the
information storing device 5e by having the address of
said information storing device 5e included in the member list.
Moreover, when the multiple parts are transmitted to
separate devices, the recipient has to verify whether all
the original information is complete or not. In
such a case, the completeness of the whole broadcast
communication message can be verified by appending the
following message, even when each piece of information is
transmitted to a completely different device. The message
that is appended is the message digest, or said
message digest signed by digital signature, which
is created by digesting the information which consists of
one or some of the following data:

all the original message parts, all the encrypted
message parts, the set of the message digests of
each message part, the set of the message digests
of each encrypted message part.
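The completeness check described in [0377], written out as an added Go example (it is not code from the patent). It uses the variant "set of the message digests of each encrypted message part" with SHA-256; the type and function names and the sample parts are assumptions, and signing the set digest with the sender's private key, the other option the text mentions, is left out.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	ErrManifest = errors.New("manifest digest mismatch")
	ErrCount    = errors.New("wrong number of parts")
	ErrMissing  = errors.New("part not retrieved")
	ErrModified = errors.New("part digest mismatch")
)

// Manifest is the message appended to a multi-part broadcast: the set of
// message digests of the encrypted parts, plus one digest over that set.
type Manifest struct {
	PartDigests []string // hex SHA-256 of each encrypted part, in sending order
	SetDigest   string   // hex SHA-256 over the ordered, indexed part digests
}

func hexDigest(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// digestOfSet binds every part digest to its position and to the part count,
// so dropping, adding or reordering entries changes the result.
func digestOfSet(partDigests []string) string {
	h := sha256.New()
	fmt.Fprintf(h, "parts=%d\n", len(partDigests))
	for i, d := range partDigests {
		fmt.Fprintf(h, "%d:%s\n", i, d)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// BuildManifest runs on the sender side after each part has been encrypted.
func BuildManifest(encryptedParts [][]byte) Manifest {
	m := Manifest{}
	for _, p := range encryptedParts {
		m.PartDigests = append(m.PartDigests, hexDigest(p))
	}
	m.SetDigest = digestOfSet(m.PartDigests)
	return m
}

// VerifyParts runs on the recipient side once the parts have been collected
// from the message broadcast device and the information storing device.
// A nil entry in got stands for a part that could not be retrieved.
func VerifyParts(m Manifest, got [][]byte) error {
	if digestOfSet(m.PartDigests) != m.SetDigest {
		return ErrManifest
	}
	if len(got) != len(m.PartDigests) {
		return ErrCount
	}
	for i, p := range got {
		if p == nil {
			return fmt.Errorf("part %d: %w", i, ErrMissing)
		}
		if hexDigest(p) != m.PartDigests[i] {
			return fmt.Errorf("part %d: %w", i, ErrModified)
		}
	}
	return nil
}

func main() {
	// Constructed sample: three already-encrypted parts (mail, voice, file).
	parts := [][]byte{[]byte("enc-mail"), []byte("enc-voice"), []byte("enc-file")}
	m := BuildManifest(parts)
	fmt.Println(VerifyParts(m, parts))
	fmt.Println(VerifyParts(m, [][]byte{parts[0], nil, parts[2]}))
}
```

Without a signature over the set digest, the manifest only detects loss or corruption; anyone able to replace both a part and the manifest could pass the check.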

[0378] In this Example, even if the parts are
communicated over multiple protocols,
the same encryption processing and member list are
used, so the broadcast communication between the members
who are registered by the team master can be
surely done, and the safety and certainty level of said
broadcast communication can be kept equivalent for
each part.

[0379] In the broadcast encrypted communication
system, this Example is effective when messages
in different formats are broadcast simultaneously.
For example, there are cases in which an agreement file
is transmitted simultaneously while members
across multiple companies have a business talk using
the voice chat broadcast communication system, and in
which a big file (for example, an image file of 5M bytes),
which exceeds the capacity of the mail system, is
transmitted simultaneously while the encrypted mail is
transmitted to the members by using the mailing list broadcast
communication system. For example, in the case of the
voice chat, if the voice of the voice chat stops and the
broadcast communication is interrupted when the agreement
file is transmitted, there is a risk of omission
etc. occurring while important confidential
information is being transmitted.



[0380] Moreover, in the mailing list broadcast
communication device, the capacity differs with
the configuration of each receiving-side mail system
(for example, 3 M byte in the mail system of the member
A, and 1 M byte in the mail system of member Be), and the
receiving capacity also differs depending on how much
capacity is assured in the buffer for mail reception for
the specified members, so that the sender cannot
assume whether he can transmit certainly. This
Example operates effectively also in these environments.

[0381] Moreover, as for the public key included in
the member list used at the encryption time, the security
is improved further by verifying the validity
of the public key before it is used for the encryption. For
example, even if all public keys are valid at the time when the
team master creates the member list, when the same keys
are used after a fixed period there is the possibility
that a key has passed its validity period or that a
private key has been leaked.
In the examples of each operation of the encrypted
message generating device 2e, the safety of the system
improves further by having the key validity verification
unit, which is the same as the unit of the member list
administration unit 1e that verifies the validity of
the public key or of the private key used for the
digital signature.

[0382] In the above, the examples of each opera- 
tion of the encrypted message generating device of this 
invention were explained. 

[0383] Next, the examples of the encrypted
message decryption device of this invention are explained.
Figure 60 includes and shows Example 5-1c to
Example 5-5c of the encrypted message decryption device of
this invention.

Example 5-1c

[0384] Example 5-1c of the encrypted message
device 3e comprises the encrypted message retrieval
device 3ae, which retrieves the encrypted message
transmitted from the message broadcast device
mentioned later, and decryption unit 3be, which decrypts the
encrypted message.

First, the decryption unit 3be chooses the encrypted
secret key used for the decryption from the multiple
encrypted secret keys, whose number is equal to the number
of the members, by checking the key selection
information included in the encrypted message as shown in
Figure 58. The encrypted secret key is then decrypted with
the private key of the recipient by the public key
cryptography to retrieve the secret key. The
encrypted message included in the encryption information
is decrypted with the secret key by the
secret key cryptography to retrieve the broadcast
communication message, which is the plain text. Then the
message digest MDe, obtained by decrypting the digital
signature with the sender's public key, and the message
digest MD'e, obtained by digesting the broadcast message
(plaintext) recovered from the encrypted message with the
hash function, are compared to check for tampering and to
confirm the sender.
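The sender-side steps of [0370] to [0373] and the recipient-side steps of [0384], as one added Go example (not code from the patent). It substitutes AES-256-GCM for the DES example, RSA-OAEP for the key wrapping and an RSA PKCS#1 v1.5 signature over a SHA-256 digest; the type names, function names and sample message are assumptions.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Member is one list entry; a real member list holds only the public key.
type Member struct {
	Name string
	Key  *rsa.PrivateKey
}

// NewMember generates a constructed demo key pair for a member name.
func NewMember(name string) (*Member, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Member{Name: name, Key: k}, err
}

// Envelope is the encryption information output by the encryption unit.
type Envelope struct {
	Nonce, Ciphertext []byte
	WrappedKeys       [][]byte       // one encrypted secret key per member
	KeySelect         map[string]int // key selection information: name -> index
	Signature         []byte         // sender's signature over the plaintext digest
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts msg once under a fresh secret key, wraps that key with every
// member's public key, and signs the digest of the plain message.
func Seal(sender *Member, list []*Member, msg []byte) (*Envelope, error) {
	buf := make([]byte, 32+12) // fresh secret key followed by a GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: buf[32:], KeySelect: map[string]int{}}
	env.Ciphertext = gcm.Seal(nil, env.Nonce, msg, nil)
	for i, m := range list {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &m.Key.PublicKey, buf[:32], nil)
		if err != nil {
			return nil, err
		}
		env.WrappedKeys = append(env.WrappedKeys, w)
		env.KeySelect[m.Name] = i
	}
	md := sha256.Sum256(msg)
	env.Signature, err = rsa.SignPKCS1v15(rand.Reader, sender.Key, crypto.SHA256, md[:])
	return env, err
}

// Open picks the recipient's encrypted secret key via the key selection
// information, decrypts the message, and checks the signed digest (MD vs MD').
func Open(rcpt *Member, senderPub *rsa.PublicKey, env *Envelope) ([]byte, error) {
	i, ok := env.KeySelect[rcpt.Name]
	if !ok || i < 0 || i >= len(env.WrappedKeys) {
		return nil, fmt.Errorf("no encrypted secret key for this recipient")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, rcpt.Key, env.WrappedKeys[i], nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	msg, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, err
	}
	md := sha256.Sum256(msg)
	if rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, md[:], env.Signature) != nil {
		return nil, fmt.Errorf("digest mismatch: message tampered or wrong sender")
	}
	return msg, nil
}

func main() {
	a, _ := NewMember("A")
	b, _ := NewMember("B")
	env, _ := Seal(a, []*Member{a, b}, []byte("constructed sample message"))
	msg, err := Open(b, &a.Key.PublicKey, env)
	fmt.Printf("%q %v\n", msg, err)
}
```

The signature covers only the digest of the plain message, as in the text, so it does not authenticate the wrapped keys or the key selection table.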

Example 5-2c 

[0385] Next, as Example 5-2c of the encrypted 
message decryption device 3e, said encrypted mes- 
sage decryption device 3e has the structure, which is 
equipped further with the notification sending unit 3ce 
which sends the notification to the message broadcast 
device to confirm that the recipient has received by him- 
self, as shown in Figure 60. For example, the notification 
sending unit 3ce sends the message digest of the 
received contents of the broadcast communication, the 
time stamp of the received time, and the receipt infor- 
mation, in which the digital signature to ID of the recipi- 
ent etc is appended.. 

[0386] This structure is adopted because of the
possibility that, for example, the communication content
cannot be received by the recipient when the communication
line is interrupted. Therefore, it is desirable that the
recipient sends the receipt information. However, in the
conventional notification (for example, an opening
notification of e-mail), since a malicious person is able
to send said notification on the way,
said notification cannot be called a safe one. The
encrypted message decryption device 3e of this Example
has the above-mentioned notification
sending unit 3ce. In this way, in the broadcast
communication which sends or receives confidential
information, the notification, to which the recipient appended
the digital signature by himself, can be sent to the
message broadcast device, and it can be confirmed that
said notification is certainly delivered to one of the
members, who is registered in the member list, by
verifying said digital signature at said message broadcast
device.

Example 5-3c 

[0387] Next, as Example 5-3c of the encrypted
message decryption device 3e, said encrypted message
decryption device 3e has the structure which is
equipped further with the multiple parts notification unit
3de in the encryption message decryption device of
Example 5-1c or Example 5-2c. The multiple parts
notification unit 3de judges whether some of the parts are
transmitted to the information storing device 5e or not,
according to the content of the broadcast communication
message, as shown in Figure 59, and when said
parts are transmitted, said multiple parts notification
unit 3de asks the information storing device 5e,
and retrieves said parts using the optimum protocol (for
example, HTTP protocol and FTP protocol) for sending
each part. Moreover, when the encrypted message
comprises the multiple parts, the decryption unit 3be of
this example operates to do the decryption processing
for every part.

In addition, this example corresponds to the case that
the broadcast sentence comprises the multiple parts
and some of the parts are transmitted by the encrypted
message generating device 2e to the information storing
device 5e, which can be checked from the message
broadcast device 4e.

Example 5-4c

[0388] The form of Example 5-4c of the encrypted
message decryption device of this invention has the
structure which is equipped further with the broadcast
communication security checking unit 3ee in the
encrypted message decryption device 3e of Example 5-1c
or Example 5-3c, as shown in Figure 60.
As one of the units, the broadcast security checking unit
3ee operates to verify whether the sender is the member
registered in the member list or not. In the case of
this verification, the broadcast security checking unit
3ee mentioned above retrieves the member list from the
below-mentioned list retrieval and storing unit 3fe to
confirm the sender.

Moreover, the broadcast security checking unit 3ee
mentioned above may also ask whether the sender is
included in the member list or not by using the protocol
(for example, LDAP, etc.) for accessing the
resource database arranged on the network, in which the
information about the member list is registered.
Moreover, the broadcast security checking unit 3ee
mentioned above may also have further the same unit
as the below-mentioned broadcast security checking
unit in the message broadcast device.

Example 5-5c 

[0389] The form of Example 5-5c of the encrypted
message decryption device of this invention has the
structure which is equipped further with the list retrieval
and storing unit 3fe in the encrypted message decryption
device 3e of Example 5-1c or Example 5-4c as
shown in Figure 60.

The list retrieval and storing unit 3fe retrieves the member
list stored in the resource database arranged on the
network, by using the protocols which are the same as or
different from that of the broadcast communication (for
example, HTTP, etc., when SMTP is used in the broadcast
communication). Moreover, the list retrieval and storing unit
3fe stores the transmitted member list in the memory
device (not shown), and retrieves said member list by
reading said member list in the storing device.
[0390] Moreover, when the encryption message
decryption device 3e has already stored the member
list, the list retrieval and storing unit 3fe operates in
order to confirm whether the member list is the newest
version or not. For example, the list retrieval and storing
unit 3fe asks the database which is arranged on the
network, and in which the information about the newest
version of the member list is stored, to confirm the version
of the newest member list, by using the protocols
which are the same as or different from that of the
broadcast communication (for example, LDAP, OCSP,
etc. when SMTP is used in the broadcast communication).

[0391] Moreover, the list retrieval and storing unit
3fe is equipped with the unit to verify the authentication
of the member list explained in the example of the member
list administration device 1e mentioned above, and
verifies the authentication of the member list at the time
of the retrieval of the member list.
Furthermore, the unit to verify the validity of the public
key or of the private key used for the digital signature,
which is explained in the example of the above-mentioned
encryption message generating device, may also be
equipped and used in the decryption unit 3be and the list
retrieval and storing unit 3fe. By having these units,
the safety of the system is improved further.
In the above, each example of the encrypted message
decryption device of this invention was explained.
[0392] Figure 61 includes and shows Example 5-1d
to Example 5-6d of the message broadcast device of
this invention.

Example 5-1d

[0393] First, Example 5-1d of the message broadcast
device of this invention is explained.
This example comprises the destination list administration
unit 4ae which stores and administrates the destination
list administrated by the team master, the message
replication unit 4be which replicates the transmitted
encryption message in order to transmit to the destination
member included in the destination list, and the
sending unit 4ce which transmits the replicated encryption
message to each destination member.
[0394] The destination list administration unit 4ae is
equipped with the units to store and administrate the
destination list, to retrieve and store the member list, to
verify the authentication of the member list explained in
the example of the member list administration device in
the case of the retrieval of the member list, and to match
the member list and the member included in the destination
list. In addition, when the destination list administration
unit 4ae sets up the destination list by checking
the member list, said destination list administration unit
4ae is further equipped with the unit to confirm whether
the member list is the newest version or not. For example,
the version of the newest member list may be asked
to the database which is arranged on the network and in
which the information about the newest version of the
member list is stored, by using the protocols which are the
same as or different from that of broadcast communication (for
example, LDAP, OCSP, etc., when SMTP is used in the
broadcast communication).



Example 5-2d 

[0395] Example 5-2d of the message broadcast 
device of this invention has the structure which is 
equipped further with the list authentication unit 4de in 
the message broadcast device 4e of Example 5-1d.
The list authentication unit 4de authenticates the mem- 
ber list, when the member list is retrieved. The unit to 
verify the authentication of this member list is already 
explained in the example of the member list administra- 
tion device 1e mentioned above. 

Example 5-3d 

[0396] Example 5-3d of the message broadcast 
device of this invention has the structure which is 
equipped further with the affixed information affixing unit 
4ce in the message broadcast device 4e of Example 5- 
1d or Example 5-2d. 

The affixed information affixing unit 4ce affixes the various
information, which is made by the team master or
the administrator of the message broadcast device 4e (a
service information, an administration information, etc.),
to the encryption message. This unit to affix the
additional information makes it possible to offer a wide
range of services to the destination members.

Example 5-4d 

[0397] Example 5-4d of the message broadcast 
device of this invention has the structure which is 
equipped further with the broadcast communication 
security checking unit 4fe in the message broadcast 
device 4e of Example 5-1d or Example 5-3d.
[0398] The broadcast communication security
checking unit 4fe has the unit to verify the identity of the
member list as the 1st unit. For example, when the
terminal of the sender's side has failed, or the communication
line is interrupted, there is the possibility that the
newest member list may not have been delivered to the
senders. The broadcast communication security checking
unit 4fe verifies the identity between the member list
used at the time of the encryption of the transmitted
encryption message, and the member list used to create
the destination list which is used by the server at the
time of the transfer, in order to raise the safety of the
broadcast communication more.
[0399] For example, the identity of the member list
can be verified by using the information, such as the
version No. of the member list or the time when the
team master created the member list (for example,
when the time stamp, etc., is affixed). Moreover, as
another method, the identity can also be verified by
verifying whether the digital signature affixed to the
member list is the same or not. Moreover, as another
method, the identity can be verified by comparing the
message digests of the member lists obtained by using a
hash function.
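The identity check of [0398] and [0399] as an added Go example (not code from the patent): the sender attaches a reference to the member list it encrypted under, and the message broadcast device compares version number, time stamp and message digest against its own list. The list layout, the header fields and the sample lists are assumptions; the signature-comparison method is not shown.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// MemberList is a reduced, assumed layout of the list signed by the team master.
type MemberList struct {
	Version int
	Created string            // time stamp affixed by the team master
	Keys    map[string]string // member name -> public key (constructed strings)
}

// Digest hashes a canonical rendering of the list, so that two copies with
// the same content always produce the same message digest.
func (l MemberList) Digest() string {
	names := make([]string, 0, len(l.Keys))
	for n := range l.Keys {
		names = append(names, n)
	}
	sort.Strings(names)
	var b strings.Builder
	fmt.Fprintf(&b, "version=%d\ncreated=%q\n", l.Version, l.Created)
	for _, n := range names {
		fmt.Fprintf(&b, "%q=%q\n", n, l.Keys[n])
	}
	sum := sha256.Sum256([]byte(b.String()))
	return hex.EncodeToString(sum[:])
}

// ListRef identifies the member list used for encryption; the sender attaches
// it to the encrypted message (hypothetical header fields).
type ListRef struct {
	Version int
	Created string
	Digest  string
}

// RefOf builds the reference for the list a sender currently holds.
func RefOf(l MemberList) ListRef {
	return ListRef{Version: l.Version, Created: l.Created, Digest: l.Digest()}
}

// CheckIdentity is run by the message broadcast device before replication.
// It rejects messages encrypted under a list that differs from the one the
// destination list was built from.
func CheckIdentity(server MemberList, ref ListRef) error {
	switch {
	case ref.Version < server.Version:
		return fmt.Errorf("stale member list: sender has version %d, server has %d",
			ref.Version, server.Version)
	case ref.Version > server.Version:
		return fmt.Errorf("server list is behind: sender has version %d, server has %d",
			ref.Version, server.Version)
	case ref.Created != server.Created:
		return fmt.Errorf("time stamp mismatch for version %d", ref.Version)
	case ref.Digest != server.Digest():
		return fmt.Errorf("digest mismatch for version %d", ref.Version)
	}
	return nil
}

func main() {
	// Constructed sample: version 4 removes member C from version 3.
	v3 := MemberList{Version: 3, Created: "2000-01-10T09:00:00Z",
		Keys: map[string]string{"A": "pkA", "B": "pkB", "C": "pkC"}}
	v4 := MemberList{Version: 4, Created: "2000-02-01T09:00:00Z",
		Keys: map[string]string{"A": "pkA", "B": "pkB"}}
	fmt.Println(CheckIdentity(v4, RefOf(v4)))
	fmt.Println(CheckIdentity(v4, RefOf(v3)))
}
```

The stale-list case is the one that matters for confidentiality: a sender still on version 3 would wrap the secret key for a member who has since been removed.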
[0400] Moreover, the broadcast communication
security checking unit 4fe has the unit to verify the
broadcast sender, as the 2nd unit. In the conventional
broadcast communication, since the administrator
of the message broadcast device 4e can see the content
of information, said administrator can, for example,
examine whether slander / calumny information
exists or not. However, since the scheme of this invention
has realized the structure in which the server
administrator cannot see the content of the information, there
is the possibility that this message broadcast device 4e
may be used unjustly. So, the broadcast communication
security checking unit 4fe has the unit which retrieves
the receiving rejection information, which includes the
information terminals from which the receiving of
information is rejected (for example, they can be identified
by IP address, etc.) or the identification information of
users (for example, they can be identified by the mail
address or the certificate published by the trusted
certificate authority, in the case of the mail system).
And the broadcast communication security checking unit 4fe
also has the unit which verifies whether the sender of the
message, which is transmitted to the message broadcast device
4e, or the sender's terminal, is included in the receiving
rejection information or not. In addition, the
receiving rejection information includes, for example, the
personal mail address which sent the SPAM mail in the
past, the IP address of the terminal in which the
security level is low and the identification of the principal
may not be done by the right procedure, and the list of
the network address.
[0401] Moreover, the broadcast communication
security checking unit 4fe has the unit to verify the
content of the broadcast communication as the 3rd unit.
This unit also verifies the sender and the content of
the communication, in order to raise the security of the
broadcast communication. This unit also verifies
whether the sender is a person in the member list or
not, and whether malicious programs or data lines are
included in the transmitted information or not.
[0402] Moreover, the broadcast security checking
unit 4fe has, as the 4th unit, the unit which verifies that
the parts which, among the encrypted message which
comprises multiple parts, are stored in the information
storing device and checked from the encrypted message
decryption device, were rightly transmitted to the
information storing device. This unit judges, by checking
the transmitted encrypted message, whether any parts of the
encrypted message which comprises multiple parts are
transmitted to another information storing device or not.
And then, when the parts were transmitted to another
information storing device, it is verified that said parts
were transmitted certainly.

Furthermore, the unit to verify the validity of the public
key and the private key used for the digital signature,
which is explained in the example of the encrypted
message generating device mentioned above, may also
be equipped and used in the broadcast
communication security checking unit 4fe.

Example 5-5d 

[0403] Example 5-5d of the message broadcast 
device of this invention has the structure which is 
equipped further with the broadcast communication 
contents storing unit 4ge in one of the message broadcast
device 4e of Example 5-1d or Example 5-4d.
[0404] The broadcast communication contents storing
unit 4ge stores the transmitted information, or one
part of the information, or that information with the
affixed information. For example, when a failure has
occurred in the mail server in the mail system, or when the
terminal of the recipient has failed, even transmitted
information may not be received correctly. Moreover, in
the voice chat, the voice may become discontinuous
depending on the condition of the communication line.
Thus, even if a situation occurs in which the data sent by
the sender side and the data sent by the receiving side
do not match, said data is stored safely by
the storing unit in the broadcast communication contents
storing unit 4ge, and when said data becomes
necessary, it can be reconfirmed or retrieved.

Example 5-6d 

[0405] Example 5-6d of the message broadcast 
device of this invention has the structure which is 
equipped further with the broadcast communication 
automatic start unit 4he in one of the message broadcast
device 4e of Example 5-1d or Example 5-5d.
In order to start the broadcast communication automatically
without obtaining the server administrator's manual
permission, the broadcast communication
automatic start unit 4he has the start request item
presentation unit, which shows the items which should be
fulfilled by the start request claimant at the start reception
by the server administrator; the start license judgement
unit, which judges whether the start reception request
transmitted from the start request claimant fulfills
the start request items, to permit the start or not; and
the broadcast communication start setting up unit,
which makes the start request claimant the team
master, and sets up the start so that the broadcast
communication becomes possible by the member, who is
specified by the team master, when the start is decided.
[0406] In the conventional broadcast communication
system, the administrator of the message broadcast
device had to do the work relating to the start
beforehand. For example, the work of setting up the
destination list, distributing the IC card, or registering
the public key in the message broadcast device was
required. Moreover, in many cases the encryption broadcast
communication is considered not to be communication
that continues for a long time but to be used for the
minimum time when it is required. For
example, cases such as a voice chat of one hour,
or the transfer of three agreement files, are considered. In
this case, the working load for the start and the deletion
of the broadcast communication in the message
broadcast device 4e becomes very large. Moreover,
since there are dangers, such as the occurrence of
mistakes and the existence of an administrator
having malice, a system which needs
manual setups by such persons as little as possible is
desirable for safety. Then, the message broadcast
device 4e of this example offers the unit which can
start the broadcast communication automatically, if fixed
usage conditions (for example, the payment of the
charge proportional to usage time etc.) are fulfilled,
without requiring manual setups by the server
administrator.
[0407] Furthermore, the broadcast communication
automatic start unit 4he can also be equipped with the
start request confirmation unit which verifies whether
the start reception request that the start claimant has
transmitted is a correct request or not. For example,
when the credit card is described in the accounting
item, the start request confirmation unit verifies whether
the number of the credit card is registered exactly, and
is in the status in which the accounting is possible or
not. In the case of this verification, when there are no
data used for the verification in the message broadcast
device 4e, the start request confirmation unit asks the
database, the server, etc., which are arranged on the
network and have the specified data.
[0408] The message broadcast device 4e of
Example 5-6d may also be equipped with the secession
request acceptor unit (not shown) which accepts the
secession request of the member of broadcast
communication.
For example, there is a risk that a certain person who
doesn't intend to join is registered without that person's
leave and only the unnecessary information and the slander /
calumny information are transmitted to the person. In
the message broadcast device 4e of this example, when
the secession request, by which the member of the broadcast
communication leaves said broadcast communication,
comes to the message broadcast device, the
secession request reception unit stops the transfer of
the message to this member, and notifies this information
to the team master. And the confirmation methods,
such as the digital signature and the handshake, can
be used in order to investigate whether the secession
request is the transfer termination request which was
surely created by the secession request member himself or
not.

In the above, each example of the message broadcast
device of this invention was explained.
[0409] Next, as Example 5-1 of the broadcast
communication system of this invention, the example in
which a finance company distributes the stock news to
the subscribers by using the message broadcast device
which is operated by a third party is explained. In the
case of Example 5-1 shown in Fig. 62, in order to realize
secure broadcast communication of the mail system,
the unit of the message broadcast device of this
invention is realized by using the mailing list server and
WWW server. This mailing list server is operated by the
third party.
[0410] The WWW server, which links to the mailing
list server operated by the third party, stores the home
page which shows the items that should be fulfilled by
the starting claimant and which was set
up by the administrator of said mailing list server at the
start of the broadcast communication. The finance company
downloads this homepage using SSL (Secure Sockets Layer)
communication, in order to start the service automatically, and
inputs the necessary items in the form corresponding to
the items displayed on the browser. In Example 5-1, the
name, the credit-card number, and the service, which
can broadcast to a maximum of 1000 persons, are
written down in the form mentioned above, and a sending
button is pushed to transmit to WWW server.
[0411] The starting license judgment unit of the
broadcast communication automatic start unit 4he,
mounted as a program (for example, CGI) which
works on WWW server, judges whether the starting
should be permitted or not by using 4 data of the
accessing person who was identified by SSL communication,
i.e., the certificate, the name, the
credit card number, and "1000". In Example 5-1, the credit
card number is asked to the credit card service company to
verify whether the card holder and the owner of the
certificate are matched or not. When they match, the page
which tells the permission of the starting is transmitted
back to the subscription claimant. However, when they do
not match, the page which tells the rejection of the
starting is transmitted back to the subscription claimant.
[0412] When the starting is permitted, the mailing
list address for the broadcast communication, which
the subscription claimant, assigned as the team master,
administrates, is newly set up by the broadcast start
setting up unit of the broadcast communication automatic
start unit 4he mounted as a program which
works on the mailing list server. Moreover, the destination
list (the empty list at the beginning) for distributing
the information transmitted to this mailing list address is
set up. When these starting setups are completed, the
mailing list server transmits to the team master the mail
which notifies that the starting setups were completed
with success.

[0413] The member list administration device 1e in Example 5-1
is, for example, mounted as a JAVA applet, incorporated into the
homepage, and stored in the WWW server. When the member list is
created, the team master administrates the member list to be set
up by using the applet downloaded over SSL communication. The
member list in Example 5-1 consists of three lists, i.e., the
team master list, the reporter list, and the recipient list. In
the member list, a sub master, who can administrate the team in
addition to the team master, is set in the team master list, and
the reporter who writes stock news is registered in the reporter
list. The digital signature of the team master is affixed to the
member list, and said member list is transmitted back to the
message broadcast device 4e. The message broadcast device 4e sets
up the destination list after verifying the digital signature to
judge whether the member list was properly created by the team
master. The destination rule in Example 5-1 is set up so that the
broadcast communication information transmitted by a member of
the reporter list is replicated as many times as there are
members registered in the recipient list (included in the member
list), and is registered.
[0414] If the recipient is a user who can generally do monthly
accounting, the recipient uses the subscription acceptor unit 1de
of the member list administration unit 1e, which is mounted so
that said user may join automatically, in Example 5-1. Multiple
sub masters are set in the team master list included in the
member list set up by the team master. The sub masters also work
as personnel of the finance company and are in charge of the
administration of the recipient list. The sub masters download
the subscription item setting unit of the subscription acceptor
unit 1de, which is implemented as a WWW page, by using SSL
communication. In this case, the WWW server looks at the
certificate of the sub master, which is obtainable by SSL
communication, and identifies and authenticates the sub master
himself. Then, the subscription items are set up by filling in
each item of the form in the WWW page. In this example, the
certificate including the agreement consent rule, the accounting
item, the mail address and the certificate including the mail
address are designated to be presented, and furthermore, the
public key of the sub master for encrypting the subscription of
the subscription claimant is designated so that the subscription
is transmitted.
[0415] The subscription claimant to the above-mentioned stock
news destination service first affixes a digital signature to the
agreement consent rule by using his own private key, and inputs
the accounting item and the mail address, by using the
subscription item presentation unit of the subscription
receptionist part 1ee, mounted as a JAVA applet embedded in the
WWW page. When this information is transmitted, the confidential
information (especially the information concerning accounting:
the credit card number, the bank account number, etc.) must not
be visible to the administrator of the WWW server or the mailing
list server, so the public key of the sub master is retrieved,
the information is encrypted with it, and then said information
is transmitted to the WWW server. Moreover, since the above
communication is done by SSL, the certificate can also be
confirmed when attesting.

[0416] The subscriptions from many subscription claimants are
stored in the WWW server as encrypted subscription information.
In Example 5-1 of the package, the program in which the accession
license judgment unit of the subscription acceptor unit 1ee is
mounted accesses the WWW server, retrieves the encrypted
subscription information, and judges whether each item is
fulfilled in order to permit the service subscription. For
example, the program mentioned above verifies whether the public
key and the private key are still effective, by using the key
authentication verification unit. As the result of the judgment,
a notification mail indicating that the subscription is permitted
or rejected is transmitted to the subscription claimant. This
program can further operate the member list administration device
automatically.

[0417] To the subscription in which the license was 
permitted, the member list stored in WWW server by 
using the member list administration device 1e, is 
retrieved by using member list retrieval and storing unit 
1ce. And then, the subscription claimant is registered in 
the recipient list among the member lists. In this mem- 
ber list, the digital signature is affixed to make the new 
member list, to this recipient list by using the private key 
of the sub master registered as the sub master, and the 
said new member list is transmitted again to WWW 
server. In WWW server, the authentication of the mem- 
ber list is confirmed by using the unit to verify the 
authentication of the above-mentioned member list, and 
it is verified furthermore whether all the public keys 
included in the member list are effective or not, by using 
the unit to verify the validity of the public key and private 
key used for the digital signature. If these verification 
results are positive, the destination list is updated by 
using the destination list administration unit 4ae. Moreover,
to the members included in the reporter list, the newest
member list is transmitted by using the list sending
unit 1de (in the example, it is mounted by using SMTP
protocol).

[0418] The terminal, with which the reporter creates 
stock news, is the general-purpose computers (in this 
Example 5-1, a notebook personal computer, etc.) in 
which the electronic-mail software is included. The ter- 
minal designates the address of the mailing list of the 
stock news, which was created by using this electronic- 
mail software, and transmits said stock news. 
At this time, the encrypted message generating device 
2e, which was mounted as the plug-in software which 
links with this electronic-mail software, confirms that the 
stock news is going to be transmitted to the message 
broadcast device 4e, in which the mailing list address 
exists as the member list, by using the destination 
checking unit 2ce. 

[0419] In this case, the plug-in software first verifies whether
the version of the member list that exists in the personal
computer of the terminal is the newest version, by using the list
retrieval and storing unit 2ae. This verification is done by
querying, by using LDAP, the resource database, which is
constructed on the network based on the X.500 standard, for the
newest version.

When it is not the newest version, the newest member list is
retrieved from the location, registered in the resource database,
where the newest version exists (in this example, it is retrieved
from the WWW server by using SSL communication).

[0420] In the encrypted message generating device 2e, after the
authenticity of the member list is confirmed by using the unit to
verify the authentication of the member list, the encryption is
done in the encryption unit by using the public key of the member
of the recipient list included in the member list. At this time,
the digital signature affixing unit retrieves the reporter's
private key from the IC card held by the reporter, on which the
private key is recorded, and affixes the digital signature to the
created news. By this signature, the recipient can confirm which
reporter wrote the news, and can confirm the reliability of the
news. Moreover, the reporter who distributed the news becomes
unable to deny having created the news.
[0421] The mailing list, for the information transmitted to the
address of the mailing list, first confirms, by using the
broadcast communication security checking unit 4fe, whether the
person who affixed the signature (in Example 5-1, the reporter)
to the transmitted information is properly included in the
reporter list of the member list. Moreover, whether the version
of the member list is different is verified by using the unit to
verify the identity of the member list. When the verification
shows that the version of the member list is different, a message
stating this fact and the broadcast communication information are
returned to this reporter. If the above verification finds
everything normal, the encrypted message is replicated by using
the message replication unit 4be, and said replicated encrypted
message is transmitted to the members included in the recipient
list of the member list by using the sending unit 4ce, mounted by
using SMTP protocol.

[0422] The encrypted message decryption device 
3e of this invention, mounted as plug-in software 
installed in the electronic-mail software of the recipient, 
confirms, whether it is tampered or not, and who is the 
information creator, by using the unit to verify digital sig- 
nature of the decryption unit 3be, and confirms that the 
sender is the reporter of the finance company. After 
confirming, the encrypted message decryption device 
3e can decrypt to read the news. When the news can be 
decrypted safely, the receipt is transmitted to the mes- 
sage broadcast device 4e by using the notification send- 
ing unit 3ce. 
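
An added Go example (not code from the patent) of the property that [0420] to [0422] rely on: the news is encrypted once, the content key is wrapped under each listed recipient's public key, and the broadcast device replicates the envelope without being able to read it. It covers confidentiality only and leaves the reporter's signature out; AES-GCM, RSA-OAEP and every name and address in it are assumptions of this sketch.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrNotRecipient = errors.New("no wrapped key for this recipient")

// Envelope is what the sender mails and the broadcast device replicates unchanged.
type Envelope struct {
	List        string            // mailing list address, bound to the ciphertext as AAD
	Nonce, Body []byte            // AES-GCM nonce and ciphertext
	WrappedKeys map[string][]byte // recipient -> content key under that recipient's public key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the message once and wraps the content key for each listed public key.
func Seal(list string, recipients map[string]*rsa.PublicKey, msg []byte) (*Envelope, error) {
	buf := make([]byte, 32+12) // fresh content key and GCM nonce for every message
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, err
	}
	env := &Envelope{List: list, Nonce: buf[32:], WrappedKeys: map[string][]byte{}}
	env.Body = gcm.Seal(nil, env.Nonce, msg, []byte(list))
	for name, pub := range recipients {
		if env.WrappedKeys[name], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], []byte(name)); err != nil {
			return nil, err
		}
	}
	return env, nil
}

// Open is the recipient side: unwrap the content key with the private key, then decrypt.
func Open(env *Envelope, name string, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := env.WrappedKeys[name]
	if !ok {
		return nil, ErrNotRecipient
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, []byte(name))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Body, []byte(env.List))
}

// Result records what each constructed party could do with the replicated envelope.
type Result struct {
	AliceReads         bool
	Admin, Bob, Tamper error
}

func RunScenario() (Result, error) {
	k := map[string]*rsa.PrivateKey{}
	for _, n := range []string{"alice", "bob", "admin"} {
		var err error
		if k[n], err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
			return Result{}, err
		}
	}
	msg := []byte("constructed stock news item")
	// Recipient list after bob has cancelled: only alice's public key remains.
	env, err := Seal("stocknews@lists.example", map[string]*rsa.PublicKey{"alice": &k["alice"].PublicKey}, msg)
	if err != nil {
		return Result{}, err
	}
	var r Result
	got, err := Open(env, "alice", k["alice"])
	r.AliceReads = err == nil && string(got) == string(msg)
	_, r.Bob = Open(env, "bob", k["bob"])       // removed member: no key was wrapped for him
	_, r.Admin = Open(env, "alice", k["admin"]) // server operator: has the envelope, not the key
	env.Body[0] ^= 1                            // one bit changed while stored on the server
	_, r.Tamper = Open(env, "alice", k["alice"])
	return r, nil
}

func main() { fmt.Println(RunScenario()) }
```
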

[0423] In addition, in order to confirm whether JAVA 
applet in this example is truly innocent or not, it can be 
verified to confirm the digital signature affixed to JAVA 
applet. 

In the above, the operation of each equipment in Exam- 
ple 5-1 was explained. 

[0424] Next, as Example 5-2 of the broadcast communication
system of this invention, an example is explained in which
confidential information, such as estimates and business
meetings, is exchanged among members across multiple business
companies (this aggregation is called the team 001e). In Example
5-2, shown in Figure 63, the mailing list server is used as the
message broadcast device.

[0425] The team master of the team 001e administrates the member
list used for broadcast communication of the confidential
information, by using the member list administration device 1e
implemented as an executable file on the OS of a general-purpose
desktop computer. The team master of the team 001e retrieves the
member list by using the list retrieval and storing unit 1ce, and
opens the list creation / modification GUI window. On this GUI
window are displayed the list of the members of the team 001e and
the list of the public keys, which are accessed in and stored to
the public-key database in the terminal by using the public-key
administration unit 1be.

[0426] The team master of the team 001e chooses, from the
public-key list, the public key of a member who joins the team,
and adds said public key to the member list of the team 001e.
Moreover, by using the network accessing unit offered by the
public-key administration unit 1be, the team master of the team
001e accesses the directory service offered by the certificate
authority on the network, retrieves the public key of a member
who is to be newly added to the team 001e and whose public key is
not in the terminal, and adds this public key to the member list.
[0427] An O.K. button is displayed on the GUI window, and this
O.K. button is pushed after the members of the team 001e have
been changed. At this point, the unit to verify the validity of
the public key or the private key used for the digital signature
accesses, by using LDAP protocol, the directory service of the
certificate authority which published the certificate containing
each public key included in the member list, and verifies whether
said public key is available. When the verification finds an
unavailable public key, this fact is displayed in a dialog and
notified to the team master. When all keys are available, the
member list, which comprises the time stamp, the address of the
mailing list, the team ID, and the identified name of the team
master, is created, and all data of this member list is digested
by using the MD5 hash function to create the digested data.

[0428] Next, the private key of the team master is accessed, and
the password decryption (in this example, password decryption
implemented with the secret key cryptography RC2 is used) is done
by using the password which the team master inputs in the dialog
box. By using the private key of the team master retrieved as the
result, the digital signature is created by encrypting the
digested data with the public key cryptography RSA. This member
list and the digital signature are transmitted to the message
broadcast device 4e as mail, by using SMTP protocol.
[0429] In the message broadcast device 4e, the contents of the
received SMTP mail, which has the multipart format of MIME
(Multipurpose Internet Mail Extensions), are analyzed by using
the member list retrieval unit of the destination list
administration unit 4ae, and the member list segment, identified
from Content-Type, is obtained and input to the list
authentication unit 4de. The list authentication unit 4de
confirms that the digital signature of the team master of the
team 001e is properly affixed as the signature of the member
list, and changes the recipients of the destination list by using
the destination list administration unit 4ae. Then, the list
authentication unit 4de replicates the member list and the
digital signature, in MIME format, for every recipient of the
just changed destination list, and sends them to each recipient
of the destination list.
[0430] The encrypted message generating device 
2e, which operates as a mailer installed on the general- 
purpose desktop computer, recognizes that this mail is 
the member list in the broadcast communication, by 
Content-Type of MIME, when the mail, in which the 
member list was included, is received. At this time, the 
mailer obtains the member list and the digital signature, 
and, after confirming the authentication of the member 
list by using the unit to verify the authentication of the 
list, stores said member list and the digital signature by 
using the list retrieval and storing unit 2ae. 
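
The signing and verification steps of [0427] to [0430], sketched in Go as an added example (not code from the patent). It substitutes SHA-256 with RSA PKCS#1 v1.5 for the MD5 digest named above, adds the version comparison described in [0421], and uses constructed addresses, names and key stand-ins; the type and function names are assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
	"strings"
)

var (
	ErrBadSignature = errors.New("member list is not signed by the team master")
	ErrStale        = errors.New("member list is not newer than the stored one")
)

// MemberList carries the fields named in [0427]; the layout is an assumption.
type MemberList struct {
	Version     int64    // time stamp, treated as an increasing version number
	ListAddress string   // address of the mailing list
	TeamID      string
	TeamMaster  string   // identified name of the team master
	Recipients  []string // stand-ins for the members' public keys
	Signature   []byte
}

// digest hashes a canonical encoding of every field the signature must cover.
func (m *MemberList) digest() []byte {
	fields := []string{fmt.Sprint(m.Version), m.ListAddress, m.TeamID, m.TeamMaster}
	keys := append([]string(nil), m.Recipients...)
	sort.Strings(keys)
	var b strings.Builder
	for _, f := range append(fields, keys...) {
		fmt.Fprintf(&b, "%d:%s,", len(f), f) // length prefix keeps field boundaries unambiguous
	}
	sum := sha256.Sum256([]byte(b.String()))
	return sum[:]
}

// Sign is the team master's step: digest the list and sign the digest with RSA.
func Sign(m *MemberList, master *rsa.PrivateKey) (err error) {
	m.Signature, err = rsa.SignPKCS1v15(rand.Reader, master, crypto.SHA256, m.digest())
	return err
}

// BroadcastDevice holds the destination list and the team master's public key.
type BroadcastDevice struct {
	Master  *rsa.PublicKey // provisioned when the list is started, never read from the mail
	Current *MemberList
}

// Update replaces the destination list only if the signature verifies and the list is newer.
func (d *BroadcastDevice) Update(m *MemberList) error {
	if rsa.VerifyPKCS1v15(d.Master, crypto.SHA256, m.digest(), m.Signature) != nil {
		return ErrBadSignature
	}
	if d.Current != nil && m.Version <= d.Current.Version {
		return ErrStale
	}
	d.Current = m
	return nil
}

// RunScenario feeds constructed lists to the device and returns each outcome.
func RunScenario() (first, forged, second, replay error) {
	master, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err, err, err, err
	}
	dev := &BroadcastDevice{Master: &master.PublicKey}
	v1 := &MemberList{Version: 1, ListAddress: "team001e@lists.example", TeamID: "001e",
		TeamMaster: "CN=Team Master", Recipients: []string{"pk-alice", "pk-bob"}}
	v2 := &MemberList{Version: 2, ListAddress: v1.ListAddress, TeamID: v1.TeamID,
		TeamMaster: v1.TeamMaster, Recipients: []string{"pk-alice"}} // bob has left
	if err = Sign(v1, master); err == nil {
		err = Sign(v2, master)
	}
	if err != nil {
		return err, err, err, err
	}
	first = dev.Update(v1)
	bad := *v1 // server operator edits the stored list and keeps the old signature
	bad.Version, bad.Recipients = 2, []string{"pk-alice", "pk-bob", "pk-operator"}
	forged = dev.Update(&bad)
	second = dev.Update(v2)
	replay = dev.Update(v1) // old, validly signed list that would re-admit bob
	return
}

func main() { fmt.Println(RunScenario()) }
```

The replay case is why the time stamp has to sit inside the signed data: without the version comparison, an old list that still carries a valid team master signature would restore a removed member.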
[0431] After the member included in the team 001 
creates the mail which includes two attached files, i.e., 
the estimation and the agreement, by using the broad- 
cast communication message creation unit of the 
encrypted message generating device 2e mounted as 
the general running program which can be operated on 
the general-purpose desktop computer, when said 
member pushes the sending button, the destination 
checking unit 2ce checks the sender's address, and 
examines whether there is the member list, which is pri- 
vate used for the sender's address or not, in the multiple 
member list in which the sender's address is stored in 
the terminal. 

[0432] When there is the member list, this attached 
file and mail are encrypted by using the public key of the 
member list. In this case, the encryption unit 2be 
encrypts each attached file and the mail text separately, 
and also affixes the digital signature separately. The 
attached file is transmitted to the information storing 
device 5e (information storing server) without attaching 
directly, among the information which comprises these 
multiple parts. The multiple parts sending unit 2de asks 
to the database on the network about the information 
storing device 5e corresponding to the mailing list 
address, and specifies the address of the information 
storing device 4e which should transmit two attached 
files and the sending methods (for example, protocol 
etc.). 

[0433] When the information storing device 5e knows that the
sending method has the structure in which the file transfer is
permitted by using HTTP protocol, said information storing device
5e sends the message by using HTTP protocol. In that case, since
the user authentication is possible by using SSL communication,
the information storing device 5e can confirm whether the user is
included in the member list which uses the broadcast
communication service currently provided by the mailing list
server. Apart from the sending of the two attached files, the
mail text is transmitted with the address of the information
storing server affixed.

[0434] The mailing list, for the information sent to the address
of the mailing list, first confirms, by using the broadcast
communication security checking unit 4fe, whether the person who
affixed the signature to the information is certainly included in
the reporter list in the member list. Moreover, the mailing list
mentioned above verifies whether the version of the member list
is different, by using the unit to verify the identity of the
member list. When the verification shows that the version of the
member list is different, the result of the verification and the
broadcast communication information are returned to the reporter.
Moreover, the mailing list mentioned above verifies whether
malicious programs, viruses, etc., which exploit bugs in devices
or software, are included in the content of the communication, by
using the broadcast communication contents verifying unit of the
broadcast communication security checking unit 4fe. Moreover, the
mailing list mentioned above verifies whether the two attached
encrypted files have been reliably transmitted to and stored in
the information storing device 4e, by using the information
storing device reference unit of the broadcast communication
security checking unit 4fe.

[0435] If the above verification finds everything normal, the
content of the broadcast communication is stored in the database
connected to the mailing list server, by using the broadcast
communication contents storing unit 4ge.

[0436] In that case, the time stamp and the digital signature
made with the private key of the mailing list server are affixed
before storing. The time at which it was confirmed that the
attached files were stored in the information storing device 4e,
and the information that this encrypted message is stored in the
mailing list server, are affixed to the encrypted message. The
encrypted message and the affixed message are then replicated by
using the message replication unit 4be, and said replicated
information is transmitted to the members included in the
recipient list of the member list, by using the sending unit 4ce
implemented by using SMTP protocol.

[0437] A user who is going to retrieve the mail with a WWW
browser at a business trip location downloads the encrypted
message decryption device 3e, mounted as a JAVA applet, and
receives this encrypted message in the browser. This JAVA applet
retrieves the newest version of the member list from the network
by using the list retrieval and storing unit 3fe, and confirms
whether the member list was created by the team master himself,
by using the unit to verify the authentication of the list. When
this encrypted message is retrieved, the JAVA applet first checks
for tampering and confirms the information creator, by using the
unit to verify the digital signature of the decryption unit 3be,
and furthermore confirms that the sender is the business
negotiation partner included in the member list by using the
sender's reliability authentication unit of the broadcast
communication security checking unit 3ee. Then, after the
encrypted message is decrypted for viewing by using the
decryption unit 3be, it becomes clear that the attached files
were transmitted to the information storing device 5e. The
multiple parts receiving unit 3de downloads these attached files
by using HTTP protocol, decrypts each file again, and can
retrieve the original message.

In the above, the operation of each device in Example 5-2 was
explained.

[0438] In addition, this invention can also use a LAN or a
dial-up network other than the internet.
Moreover, the member list administration can also be done by
recording the program for realizing the member list
administration device of this invention on a record medium which
is readable by the computer, and by having the computer system
read and execute said program recorded on said record medium.
That is to say, this member list administration program makes the
computer realize the unit which creates the member list including
the public keys of one or more members who do the broadcast
communication, and the unit which retrieves and stores the
above-mentioned public keys.
[0439] Moreover, the encrypted message creation can also be done
by recording the program for realizing the encrypted message
creation device of this invention on a record medium which is
readable by the computer, and by having the computer system read
and execute said program recorded on said record medium. That is
to say, this encrypted message creation program makes the
computer realize the unit which retrieves and stores the member
list through the network, and the unit which retrieves the
broadcast communication message and encrypts said broadcast
communication message into the encrypted message by using the
public key included in the above-mentioned member list.

[0440] Moreover, the encrypted message decryption can also be
done by recording the program for realizing the encrypted message
decryption device of this invention on a record medium which is
readable by the computer, and by having the computer system read
and execute said program recorded on said record medium. That is
to say, this encrypted message decryption program makes the
computer realize the unit which retrieves the encrypted message
transmitted from the message broadcast device, and the unit which
decrypts the encrypted message included in the above-mentioned
encrypted message.

[0441] Moreover, the message broadcast processing can also be
done by recording the program for realizing the message broadcast
device of this invention on a record medium which is readable by
the computer, and by having the computer system read and execute
said program recorded on said record medium. That is to say, this
message broadcast processing program makes the computer realize
the unit which administrates the destination list, the unit which
replicates the transmitted encrypted message, and the unit which
distributes the replicated encrypted message to each destination
member.

[0442] Moreover, even when a terminal that does not have the
member list administration device, the encrypted message
generating device, and the encrypted message decryption device of
this invention, which are required for broadcast communication,
must be used in order to realize broadcast also in a mobile
network environment, the broadcast communication may also be done
by downloading the software which realizes the units of each
device from the software storing device, which is arranged on the
network and stores said software, and by having the computer
system built into the terminal read and execute said software.

[0443] As explained in detail above, the invention of Examples
5-1a to 5-4a, Examples 5-1b to 5-3b, Examples 5-1c to 5-5c, and
5-1d to 5-6d has the following effects.
Since this invention is structured so that the encrypted message
is not decrypted in the message broadcast device, improper acts
by the administrator of the message broadcast device, such as
leakage of and tampering with the content of the broadcast
communication, can be prevented. The content of the broadcast
communication mentioned above can be shared by only the members
who truly need to share said content.
Moreover, according to this invention, since the subscription
unit is provided in the member list administration unit and the
broadcast communication automatic start unit is provided in the
message broadcast device, this invention can respond quickly to
the secession and subscription of recipients of the broadcast
communication, and even if the broadcast communication members
change dynamically, this invention can prevent the message from
being accidentally transmitted to a member who must not receive
the broadcast.

[0444] Moreover, since this invention does the administration by
the member list, the administrator of the message broadcast
device cannot administrate the distribution members of the
broadcast communication; instead, the distribution members can be
administrated by the members who do the broadcast communication,
and the administration load concentrated on the administrator of
the members can be alleviated.

Moreover, according to this invention, since the broadcast
communication security checking unit and the broadcast
communication contents storing unit are provided in the message
broadcast device and the notification sending unit and the
broadcast communication security checking unit are provided in
the encrypted message decryption device, the majority of the
distribution members can reliably receive the message.

Example 6 

[0445] Example 6 of this invention relates to a team data list
processing system which creates, administrates and stores the
team data list for sharing the various information and functions
offered to the users among the constituents of a team (the users
or the members), which corresponds to an organization unit such
as a division or a section of a company, and thereby safely
shares this information and these units, team by team, between
the users. In more detail, Example 6 relates to a system which
has the team data list storing device, which performs the process
of storing the team data list, and the team data list
administration device, which performs various administration on
the team data list retrieved from said team data list storing
device.

[0446] Regarding Example 6 of this invention, the following
technologies have been known.
In order to share various resources, such as the various
information and functions offered to the users, among multiple
users, it is necessary to provide a unit which verifies whether
the user who requests access to said resources truly has the
proper privilege to access them. To do such verification, a list
called the access control list (hereinafter referred to as
"ACL"), which defines beforehand the users who have the proper
access privilege to the resources, has conventionally been used.
The ACL referred to here is one example of a list which includes,
of the various information included in the team data list
mentioned above, only the information for controlling access to
the shared resources.
[0447] Figure 76 shows the outline of a conventional system
which shares information between multiple users by using the ACL.
In the system in Figure 76, the intranet 1£ and the internet 2£
are connected with the server 5£ through the firewalls 3£ and 4£
respectively. The sharing members 6£, who are not only in the
intranet 1£ but also outside of the intranet 1£, share the
information with each other through the internet 2£. As already
known, the intranet 1£ is a closed network installed in a
company, while the internet 2£ is the worldwide public network.
[0448] Moreover, the firewalls 3£ and 4£ are computers which
prevent a malicious intruder from gaining unauthorized access to
the intranet 1£. The server 5£ is the terminal (computer) in
which the various resources are stored, and has the database 7£,
in which the shared information is stored, and the ACL 8£, which
stores the member list of the groups which can access the
designated information or units and of the members belonging to
said groups. This server 5£ has the data storing unit, which
administrates the shared information stored in the database 7£,
and, in addition to said data storing unit, has the user
authentication unit, which authenticates whether the
communication partner corresponding to the client has been
permitted beforehand, the access control unit, which verifies the
access to the shared information based on the ACL 8£, and the
group administration unit, which enables only the specified group
members to access the specified shared information, based on the
ACL 8£.

[0449] In the system in Figure 76, when an access request to the
database 7£ occurs from a sharing member or a user in the
intranet 1£, the server 5£ does the user authentication each time
by checking the ACL 8£, permits the access when said user is
defined as a member in the ACL 8£, and rejects the access when
said user is not defined. Moreover, when access is permitted to
the user concerned, the server 5£ verifies whether the member
concerned is included in the specific group by checking the ACL
8£, and investigates whether said member is permitted to access
the shared information for which the access request is made.

[0450] On the other hand, Figure 77 shows one conventional
implementation example for sharing information only among the
members belonging to a specified group. The server SV£ in this
figure corresponds to the server 5£ in Figure 76, and the client
CL£ corresponds to the sharing member 6£ in Figure 76 and to the
terminal controlled by a person in the intranet 1£. In Figure 77,
the member list 9£ is installed on the server SV£. The member
list 9£, which exists for each group, comprises the group ID,
which is the identifier given to the group concerned, the public
key of each member in the group, and the public key number, which
is the identifier given to these public keys, and the signature
of the group administrator of the group concerned is affixed to
it.

[0451] When the client CL£ requests the member list of a
specific group from the server SV£ by designating the group ID,
the server SV£, after doing the designated permission test,
transmits the member list 9£ which corresponds to the designated
group ID to the client CL£ as the public key ID list. The client
CL£, after verifying whether the signature of the group
administrator in said member list is the proper one, creates the
member list 9a£ by adding or deleting the public key and the
public key ID of the member concerned in the transmitted member
list, corresponding to the admission of the member to the group
or the secession of the member from it. Next, the client CL£
signs the member list 9a£, makes the member list update request
to the server SV£, and returns the member list 9a£. Thereby, the
server SV£ receives the member list 9b£ from the client CL£ and,
after doing the designated permission test, updates the members
in the server SV£.

[0452] By the way, when resources are shared among multiple users, there are cases in which it is not desirable to include the server-side administrator among the sharing members. For example, a system administrator in the information system division of a certain company may need to be unable to access the personal information that should be shared only within the personal division. However, in the system of Figure 76 and the operation process of Figure 77 mentioned above, the privilege to set up or administer ACL 8£ is granted to the administrators of the server 5£ and the server SV£. Therefore, these administrators can access ACL 8£ improperly, and the system has the defect that intentional tampering with the contents of ACL 8£ cannot be prevented. In addition, there is the threat that ACL 8£ is tampered with by a person who breaks into the server SV£ without authorization (a so-called cracker).

[0453] Moreover, in the conventional system mentioned above, since the privileges must be set up by a limited, small number of server administrators, there is the problem that the load of setting up the privileges is concentrated on that small number of administrators. In addition, a form in which information is shared only within the core of the intranet would be better. For example, in a form of use in which the operation of the company system is entrusted to a third party outside the company, whenever ACL 8£ needs to be modified because information sharing members are added or removed, the operator outside said company must be asked each time to perform the setup. Therefore, in addition to the time and cost of such operation, there remains the problem of reliability, namely whether or not the outside operator can be trusted.

[0454] Example 6 of this invention was made in consideration of the points mentioned above. Its object is to offer a team data list operation system in which the team data list is administered not by the administrator of the server on which the team data list is stored but by the member who is himself the administrator of the team data list within the group, and which can prevent said server administrator, a person who is a member but not the administrator, a cracker, etc., from modifying the team data list. Moreover, another object of this invention is to offer a team data list processing system in which the member who is the administrator of the team data list can change the administrator of the team data list by himself, without any intervention by an outsider such as the server administrator.

[0455] Example 6 is explained below with reference to the drawings. First, the team data list of this invention is explained. The team data list of this invention is the general term for the lists that define the information about a team, and serves to define an "aggregation of members" for uses that require highly confidential administration, such as the ACL mentioned above. As mentioned above, in the conventional system, the terminal administrator, the network administrator, the server administrator, etc., who are not members, can modify the information about the team. In contrast, the team data list of this invention administers the information about the team by dividing it into multiple lists (one or more member lists and team master lists, described below), so that team administration, such as the change of the team master himself, can be done only by the members of the team.

[0456] Next, the premised technology of this invention is explained with reference to Figure 67 or Figure 68. Figure 67 roughly shows the assumed structure of the system of this invention, a system constituted by connecting the client CL£ to the server SV£ through the network NW£. The member list in this figure describes the members who can access the resources, such as the various information or functions offered to the users. Moreover, the server SV£ is connected to the database 10£, which is constructed on a hard disk, etc., and said database stores the member lists 11A£ and 11B£, each of which corresponds to a group to which multiple members belong (the groups A£ and B£ in Figure 67).

[0457] The server SV£ has only the member list storing unit; it transmits the member list to the client CL£ and replaces the contents of the member list 11A£ and the member list 11B£ in the database 10£ with the member list returned from the client CL£ after modification. The client CL£, on the other hand, has the member list administration unit. One of the member list administration units is the member list modification unit; using it, the client CL£ modifies the member list retrieved from the server SV£ according to the addition or deletion of members, and then returns the list to the server SV£.

[0458] Here, with only the units mentioned above, the server administrator, a cracker, etc. can tamper with the member list in the server SV£ by operating the server SV£ without going through the member list administration unit on the client CL£ side. A further problem arises: when the server administrator, etc., has improperly tampered with the member list and signed it himself, the client side cannot distinguish the proper administrator. To avoid problems like this, in the system of Figure 67 the signatures 12A£ and 12B£ are affixed to the member lists 11A£ and 11B£, respectively. Correspondingly, the client CL£ has the digital signature unit as one of the member list administration units. This digital signature unit retrieves the private key from a private key file, an IC (integrated circuit) card, etc., in which the private key is stored, and sends the member list signed with said private key to the server SV£. The server SV£ can then store the pair of the member list and the signature for every group. Thereby, tampering with any part of the member list by the server administrator, etc., can be detected on the client CL£ side by verifying the signature attached to the member list.

[0459] On the other hand, Figure 68 shows the outline of the steps by which the member list in the server SV£ is modified from the client CL£ side. In the member list 20£ stored in the server SV£, the digital signature (also called the electronic signature) of the team master TM£ (described in detail later), who is the administrator of the team concerned, is registered beforehand, in addition to the members MX£, MY£, ..., MB£ (in practice, the public key number corresponding to each member, as described next), who make up the team T1£, which is the information sharing team.

[0460] First, when the member list is to be modified, the team master TM£ on the client CL£ side sends to the server SV£ the group ID (the identifier) identifying the group or team, and the user public key number (the user public key No. in the figure) corresponding to the user public key (a byte string of a designated length) of the public key cryptography, and requests the server SV£ to send the member list. (Step S1£) "The user public key number" mentioned here is information for identifying/authenticating the user himself, such as the team master TM£; that is, it is a serial number affixed beforehand to each user public key. In more detail, the user public key number is information that corresponds to each user public key and identifies that user public key uniquely; for example, it is the serial number of the certificate concerned among the certificates issued by the certification authority. Moreover, as the information for identifying/authenticating the user himself, various information that practically identifies the key creator himself, such as an ID or a name, can be used instead of the user public key number mentioned above. In the following explanation, the case of using the public key number is explained as one example of the information for identifying/authenticating the user himself.

[0461] Next, the server SV£ verifies the privilege of the team master TM£ on the basis of the group ID and the user public key number sent from the client CL£, as described in detail below. (Step S2£) First, the server SV£ identifies/authenticates the team master TM£ himself by the method called "Shake Hand" or "Challenge Response". This process is explained below according to the steps in Figure 69. First, as explained for Step S2£ in Figure 68, the user name and the user public key (in practice, the user public key number mentioned above) are sent to the server SV£ side when the client CL£ accesses the server SV£. (Step S101£) Next, the server SV£ generates a random number, stores it inside said server SV£, and encrypts said random number with the user public key (the one corresponding to the user public key number). (Step S102£) Then, the encrypted data is sent to the client CL£ as the "Challenge Data". (Step S103£) The client CL£ decrypts the "Challenge Data" sent from the server SV£ by using the private key corresponding to the user public key. (Step S104£) Then, the decrypted data obtained is returned to the server SV£ as the "Challenge Response". (Step S105£) The server SV£ compares the challenge response sent from the client CL£ with the random number generated at Step S102£ to verify the communication partner. That is, when the two (the challenge response and the random number) match, it is verified that the communication partner is the person who knows the private key corresponding to the user public key sent at Step S101£ (the authentication succeeds). On the other hand, when the two do not match, there is the possibility that the communication partner does not have the proper privilege (the authentication fails). (Step S106£) After that, the server SV£ notifies the client CL£ of the result of the verification (whether the authentication succeeded or failed). (Step S107£)

[0462] In this way, when the authentication of the person himself succeeds, the server SV£ verifies whether or not the user public key number is written in the member list 20£, and also verifies whether or not the user (in this case, the team master TM£) has the privilege to modify the member list 20£. Here, it is assumed that the user public key number sent from the client CL£ is written in the member list 20£ corresponding to the team T1£ designated by the group ID. When the user public key number is not written in the member list 20£, the server SV£ notifies the client CL£ of the failure of the authentication. Next, since the digital signature on the member list 20£ is the signature of the team master TM£, the server SV£ accepts the request by the team master TM£ to rewrite the member list and transmits the requested member list 20£ to the client CL£ side. (Step S3£) The client CL£ examines the digital signature on the member list 20£ and, since said digital signature was affixed by the team master himself, verifies that the member list 20£ has not been tampered with on the server SV£ side and is the proper one. (Step S4£) Next, the client CL£ performs the member change process, which replaces the member MB£ with the member MC£ in the member list 20£, to create the member list 21£. (Step S5£) Since the digital signature is deleted from the created member list 21£ by the member change, the client CL£ affixes the digital signature of the team master TM£ to said member list 21£ to create the member list 22£ (Step S6£), and returns said member list 22£ to the server SV£. (Step S7£)

[0463] As described above, in this invention the administration of the member list itself is done on the client CL£ side by an administrator selected from among the members of each team, and on the server SV£ side a structure is employed in which persons who do not have the proper privilege, such as the server administrator or a cracker, cannot improperly tamper with the member list. The following example is a technology that is advanced further on the basis of the premised technology mentioned above, and achieves the object of this invention mentioned above by incorporating the units described below. First, for the administration of the member list of a department in which many persons work, a structure in which multiple administrators administer the member list is realized, in order to decrease the load on any one administrator. Second, the change of the team data list administrator by the team data list administrator himself is realized. An example is the case in which the general manager, who is the team data list administrator, assigns the new general manager as the new team data list administrator when he is transferred. In such a case, while the present general manager, who is the team data list administrator, can delegate the administration privilege to the new general manager, there is no room for a third person, i.e., the server administrator, to intervene in this delegation of the privilege.

[0464] This example is explained below for a system having two devices, the team data list administration device and the team data list storing device. Figure 66 is a block diagram showing the whole structure of this example, which has the team data list administration device and the team data list storing device. In this figure, the team data list administration device 30£ and the team data list storing device 31£ are equipped with the team data list administration unit and the team data list storing unit, respectively, which are described in detail below, and the units exchange data with each other over a communication line. Both the team data list administration device 30£ and the team data list storing device 31£ can be realized by general computers, such as workstations, and the programs that realize the team data list administration unit and the team data list storing unit (the team data list administration program and the team data list storing program) are stored in the main memories of these computers.

[0465] A part or the whole of these programs is stored on a transportable memory medium, such as a floppy disk, an IC (integrated circuit) card, a magneto-optical disk, or a CD-ROM (compact disk - read only memory), or on a computer-readable memory medium, such as a large-capacity memory medium like a hard disk in the computer. That is, said programs may either realize a part of the units described in detail below or realize these units in cooperation with programs already stored in the computer. At the start of operation of the team data list administration device and the team data list storing device, these programs are transferred from the memory medium to the main memory under the direction of the CPU (central processing unit) of the computer. The CPU then executes the programs transferred to the main memory, and thereby controls each part of the device to realize the various processes described in detail below.

[0466] In this example, the persons who can access the team data list are classified into 3 kinds according to the content of their privileges, i.e., the member, the sub master, and the team master, and their privileges increase in this order. The sub master is an administrator in the team who is nominated by the team master; he cannot change the team master or the sub masters but can change the general members, by addition or deletion. The team master, on the other hand, can change the sub masters and the general members, and can also change the team master himself. A general member, who is neither the team master nor a sub master, is a person who shares the information and units, and is never given the privilege to modify the contents of the team data list, etc.

[0467] While the sub master and the team master are given special privileges, they are also members of the team, and are called members in this sense.

[0468] The memory device 32£, which can hold a database and is, for example, a hard disk, is connected to the team data list storing device 31£ in Figure 66. This memory device 32£ stores, for every team consisting of multiple members, the pair that makes up the team data list, namely the member list 33£ and the team master list 34£. In this figure, only one pair of the member list 33£ and the team master list 34£ is shown for convenience of description, but in fact there are as many pairs as there are teams. The member list 33£ is the list of the members who share the information and units offered to the users, and includes the identifying information of each member, the public key given to the member, the ID of the person who has the private key corresponding to said public key (hereinafter referred to as the public key ID), the team ID identifying the team, the signature of the list creator (i.e., the team master or the sub master), the time stamp indicating the time when the member list 33£ concerned was created, the information about the units that can be used by the members of the team (for example, applications), and the information for arranging the teams hierarchically so as to trace the company organization. As other information about each member, the member list 33£ includes the e-mail (electronic mail) address and the address of the member, and with this information the information resources about each member can be administered at the same time. The team master list 34£, on the other hand, is the list of the team master and the sub masters, and includes the identifying information of the team master or the sub master, the public key, the public key ID, the team ID, the signature of the team master, the time stamp indicating the time when the team master list 34£ concerned was created, etc. As other information about the team, the team master list 34£ includes the number of team members, the time the team was created, the various units that can be used by each member of the team, etc., and the information resources about each team can be administered at the same time.

[0469] Next, in the team data list storing device 31£, when a modification request or a reference request for the member list 33£ or the team master list 34£ arrives from the client CL£ side, the permission test unit 35£ verifies the identity of the requester on the client CL£ side on the basis of the contents of these two lists, verifies whether or not said requester is a person who has the proper permission to make said modification or said reference, and judges whether or not said member list 33£ or said team master list 34£ should be transmitted to the client side. Moreover, when the permission test unit 35£ uses the member list 33£ or the team master list 34£, the list storing unit 36£ performs the process of retrieving these lists from the memory device 32£ or storing them in said memory device 32£. In the following explanation, it is premised that the list storing unit 36£ always intervenes when the permission test unit 35£ uses the member list 33£ or the team master list 34£; this is not mentioned each time, since doing so would complicate the explanation.

[0470] Next, in the team data list administration device 30£, the list creator verification unit 37£ retrieves the member list 33£ or the team master list 34£ from the team data list storing device 31£ and verifies whether or not these lists were created by an administrator who has the administration privilege (i.e., the team master or the sub master). By this verification, it can be detected that the administrator of the server SV£, or a person without the proper privilege, such as a cracker who has broken into the server SV£, has tampered with the member list 33£ or the team master list 34£. The list modification unit 38£ makes modifications, i.e., the addition, deletion or replacement, etc., of a member or an administrator, to the member list 33£ or the team master list 34£ retrieved by the list creator verification unit 37£. Moreover, the digital signature unit 39£ affixes the digital signature of the person who modified these lists (i.e., the team master or the sub master) to the member list 33£ or the team master list 34£ modified by the list modification unit 38£, by using a Hash function together with encryption under the private key or signing key, which is known only to the person who modified these lists. The public key administration unit 40£, on the other hand, accesses the public key database 41£, which is connected to the team data list administration device 30£, to retrieve a public key and the public key ID corresponding to said public key. In practice, the public key database 41£ may of course take not only the local form, in which said public key database 41£ is directly connected to the team data list administration device 30£, but also a form in which it resides in a server (for example, the certificate authority) located on a network such as the internet. In such a form, the public key administration unit 40£ can, for example, access the public key database 41£ through the home page registered with the certificate authority and retrieve the public key and the public key ID mentioned above from there in file format.

[0471] In addition, in Figure 66 the public key database 41£ and the memory device 32£ are shown as being separate from the team data list administration device 30£ and the team data list storing device 31£, respectively. However, it is of course also acceptable, for example, that the team data list administration unit 30£ includes the public key database 41£ or that the team data list storing unit 31£ includes the memory device 32£.

[0472] Next, the operation of the system having the team data list administration device 30£ and the team data list storing device 31£ in the structure mentioned above is explained. First, Figure 70 shows, among the operations in which multiple administrators administer the members, the operation process that changes a member registered in the member list. In the team data list storing device 31£, since the team T2£, which corresponds to the team master list 45£, was created by the team master TM£, the digital signature of the member MX£, who is the team master, is affixed. In this team master list 45£, the member MX£ is registered as the team master, and the member MY£ and the member MZ£ are registered as sub masters. In the following explanation, when a certain member is the team master or a sub master, that member is written as the team master MX£ or the sub master MY£, respectively.

Member change 

[0473] In the following, the case is assumed in which the member MB£ leaves the team because of a personnel transfer, etc., and the member MC£ joins as a new member. The sub master MY£ therefore replaces the member MB£ belonging to the team T2£ with the member MC£. First, the team data list administration device 30£ sends the member modification request to the team data list storing device 31£, together with the group ID indicating the team T2£ and the user public key number of the sub master MY£. (Step S11£) In the team data list storing device 31£, the permission test unit 35£ authenticates the sub master MY£ by the Shake Hand mentioned above. Then said permission test unit 35£ verifies that the public key number of the member MY£ exists in the member list 46£ of the team T2£ designated by the group ID by checking that member list, and also verifies that the sub master MY£ is a sub master of the team T2£ and has the privilege to modify members by checking the team master list 45£. (Step S12£) Next, the permission test unit 35£ transmits the team master list 45£ and the member list 46£ of the designated team T2£ to the team data list administration device 30£ side. (Step S13£) In the team data list administration device 30£, the list creator verification unit 37£ checks the digital signatures included in the team master list 45£ and the member list 46£ transmitted from the team data list storing device 31£, and verifies that these lists are the right ones, created by the person registered in the team master list 45£ (i.e., the team master MX£). (Step S14£)

[0474] Here, the verification performed by the list creator verification unit 37£ is explained in detail with the flow chart in Figure 71. First, the list creator verification unit 37£ retrieves the team master list 45£ and the member list 46£ from the team data storing device 31£ (Step S21£), and then verifies the digital signatures included in these two lists. (Step S22£) When this verification shows that either of the digital signatures has been tampered with, the process being executed at that time, such as the member change, is stopped, since an improper act is considered to have been done. On the other hand, when no tampering is detected, the list creator verification unit 37£ verifies that the signer of the member list 46£ (i.e., the member MX£ in Figure 70) is included in the team master list 45£ as the team master or a sub master. When the signer is not included in the team master list 45£, the process being executed at that time is stopped in the same way as at Step S22£, since an improper act has been done. (Step S23£)

[0475] However, when the signer of the member list 45£ is included in the team master list 45£, the authenticity of the member list 46£ is verified, so the list creator verification unit 37£ goes on to verify whether or not the signatory of the team master list 45£ (i.e., the member MX£ in Figure 70) is the team master. (Step S24£) When the signer is not the team master, the process is stopped in the same way as at Step 22£ to Step 23£, since an improper act has occurred. On the other hand, when the signer of the team master list 45£ is the team master, the authenticity of the team master list is also verified and the subsequent process is continued. For example, in the case mentioned above, the list creator verification unit 37£ sends the team master list 45£ and the member list 46£ to the list modification unit 38£.

[0476] After the authenticity of the team master list 45£ and the member list 46£ has been verified in this way, at Step S15£ in Figure 70 the list modification unit 38£ replaces the member MB£ described in the member list 46£ with the member MC£ to create the member list 47£, and sends this member list 47£ to the digital signature unit 39£. The digital signature unit 39£ retrieves the private key of the sub master MY£ from the private key file mentioned above, etc., and, by using said private key, creates the member list 48£, in which the digital signature of the sub master MY£ is affixed to the member list 47£. (Step S16£) After that, the digital signature unit 39£ returns the team master list 45£ and the member list 48£ to the team data list storing device 31£. (Step S17£)

[0477] In the team data list storing device 31£, the permission test unit 35£ verifies whether or not the digital signatures of said transmitted team master list 45£ and member list 48£ have been tampered with, and also verifies the contents of these lists as follows. Since the signer of the team master list 45£ is the team master MX£, the authenticity of said team master list 45£ is verified. The signer of the member list 48£, on the other hand, is the sub master MY£, and since checking the team master list 45£, whose authenticity has been verified, shows that said sub master MY£ is a person permitted to make the member change, the member list 48£ can be trusted as the proper one. When the authenticity of a transmitted list cannot be verified, the permission test unit 35£ stops the process without modifying the team master list and the member list. (Step S18£) With the above, the member change in the member list is complete.
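
The member change of Figure 70, including the Shake Hand of Figure 69 and the list check of Figure 71, as an added example that is not part of the original document. Textbook RSA over fixed Mersenne primes stands in for the unspecified public key scheme; the key IDs, the `SA` server administrator key, the list layout and all function names are assumptions made for the illustration.

```python
import hashlib, json, secrets

# Toy textbook RSA (no padding) stands in for the page's unspecified public key
# scheme. Moduli are products of well-known Mersenne primes so the block runs
# offline on the standard library; such keys are for demonstration only.
def keygen(a, b, e=65537):
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

# Constructed keys: team master MX, sub master MY, server administrator SA
# (SA is a hypothetical party who holds a registered key but no team role).
KEYS = {"MX": keygen(127, 521), "MY": keygen(107, 607), "SA": keygen(89, 1279)}
# Stand-in for public key database 41: public key ID -> (modulus, exponent).
KEY_DB = {kid: (k["n"], k["e"]) for kid, k in KEYS.items()}

def digest(body, n):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(body, signer, key):
    """Digital signature unit 39: hash the list, then apply the private key."""
    return {"body": body, "signer": signer,
            "sig": pow(digest(body, key["n"]), key["d"], key["n"])}

def sig_ok(lst):
    """True if the list's signature verifies under its signer's registered key."""
    if lst["signer"] not in KEY_DB:
        return False
    n, e = KEY_DB[lst["signer"]]
    return pow(lst["sig"], e, n) == digest(lst["body"], n)

def handshake(claimed_id, client_key):
    """Figure 69: the server encrypts a random number to the claimed public key
    and accepts only if the client sends the same number back."""
    if claimed_id not in KEY_DB:
        return False
    n, e = KEY_DB[claimed_id]
    r = secrets.randbits(128)                                    # S102
    challenge = pow(r, e, n)                                     # S103
    response = pow(challenge, client_key["d"], client_key["n"])  # S104, S105
    return response == r                                         # S106

def verify_lists(tm_list, m_list):
    """List creator verification (Figure 71). Returns (ok, reason)."""
    # S22: both signatures must verify.
    if not (sig_ok(tm_list) and sig_ok(m_list)):
        return False, "signature does not verify"
    roles = tm_list["body"]["admins"]        # key ID -> "master" or "sub"
    # S23: the member list signer must be the team master or a sub master.
    if m_list["signer"] not in roles:
        return False, "member list signer is not an administrator"
    # S24: the team master list must be signed by the team master.
    if roles.get(tm_list["signer"]) != "master":
        return False, "team master list not signed by the team master"
    # Added check (assumption): both lists must name the same team ID.
    if tm_list["body"]["team"] != m_list["body"]["team"]:
        return False, "lists belong to different teams"
    return True, "ok"

def member_change(store, who, key, old, new):
    """Figure 70, Steps S11-S18: `who` replaces member `old` with `new`."""
    tm, ml = store["tm"], store["ml"]
    # S12 (storing device): Shake Hand, then membership and privilege check.
    if not handshake(who, key):
        return False, "handshake failed"
    if who not in ml["body"]["members"] or who not in tm["body"]["admins"]:
        return False, "no modification privilege"
    # S14 (administration device): refuse to edit lists that fail Figure 71.
    ok, why = verify_lists(tm, ml)
    if not ok:
        return False, "client: " + why
    # S15, S16: modify the list, then sign the new list with the editor's key.
    members = [new if m == old else m for m in ml["body"]["members"]]
    new_ml = sign({"team": ml["body"]["team"], "members": members}, who, key)
    # S18 (storing device): re-verify before replacing the stored list.
    ok, why = verify_lists(tm, new_ml)
    if not ok:
        return False, "server: " + why
    store["ml"] = new_ml
    return True, "updated"

def demo_store():
    """Constructed team T2: MX is team master, MY and MZ are sub masters."""
    admins = {"MX": "master", "MY": "sub", "MZ": "sub"}
    members = ["MX", "MY", "MZ", "MB"]
    return {"tm": sign({"team": "T2", "admins": admins}, "MX", KEYS["MX"]),
            "ml": sign({"team": "T2", "members": members}, "MX", KEYS["MX"])}

if __name__ == "__main__":
    store = demo_store()
    print(member_change(store, "MY", KEYS["MY"], "MB", "MC"), store["ml"]["body"])
    store["ml"]["body"]["members"].append("SA")   # edit made directly in storage
    print(verify_lists(store["tm"], store["ml"]))
```

An edit made directly in storage breaks the signature at Step S22, and a list re-signed with a key that has no role in the team master list is rejected at Step S23, which is how the client detects changes that bypass the permission test on the storing device.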

Sub master change 

[0478] Next, the process steps by which the team master modifies a sub master are explained with reference to Figure 72. In the following, the case is assumed in which the team master MX£, who belongs to the team T2£, replaces the member MY£, who is the sub member, with the member MW£. When the team master MX£ requests the team data list administration device 30£ to change the sub master from the member MY£ to the member MW£, the list creator verification unit 37£ in said team data list administration device 30£ sends the sub master modification request to the team data list storing device 31£, together with the group ID and the user public key number of the team master MX£, in the same way as at Step S11£ in Figure 70. (Step S31£) In the team data list storing device 31£, the permission test unit 35£ authenticates the team master MX£ by Shake Hand according to the same steps as explained for Step S12£ in Figure 70, and then verifies that the member MX£ is the team master of the team T2£ and has been given the privilege to modify the sub master, while also verifying that the user public key is written in the member list 46£. (Step S32£) Next, the permission test unit 35£ transmits the team master list 45£ and the member list 46£ to the team data list storing device 30£, in the same way as at Step S13£ in Figure 70. (Step S33£)

[0479] In the team data list administration device 30£, the list creator verification unit 37£ examines the digital signature included in the team master list 45£. In this way, the list creator verification unit 37£ verifies that this team master list 45£ is the proper one, created by the member MX£ who is the team master, and delivers said team master list 45£ and the member list 46£ to the list modification unit 38£. (Step S34£) The list modification unit 38£ creates the team master list 51£, in which the sub master MY£ described in the team master list 45£ is replaced by the sub master MW£, and sends said team master list 51£ to the digital signature unit 39£. (Step S35£)

[0480] The digital signature unit 39ζ retrieves the private key of the team master MXζ from the above-mentioned private key file, etc., and creates the team master list 52ζ, in which the digital signature of the team master MXζ is affixed to the team master list 51ζ (Step S36ζ), and then returns said team master list 52ζ and the member list 46ζ to the team data list storing device 31ζ. (Step S37ζ) In the team data list storing device 31ζ, the permission test unit 35ζ verifies the contents of the transmitted team master list 52ζ and the member list 46ζ according to the same procedure as Step S18ζ in Figure 70. In this case, the signer of both the team master list 52ζ and the member list 46ζ is the team master MXζ, so the authenticity of these lists is verified. On the other hand, when the authenticity of the transmitted lists cannot be verified, the permission test unit 35ζ stops the process without modifying the member list. (Step S38ζ) In the way described above, the modification of the sub master in the team master list is done.

[0481] In addition, in the example in Figure 72, the digital signature of the original member list is that of the team master MXζ, but there is no problem if this signature is that of the sub master MYζ. That is, the team master MXζ, who has the modification privilege for the sub master, can affix his own signature to the member list 46ζ. In this case, the digital signature of the sub master MYζ is deleted from the member list 46ζ at the team data list side and the digital signature of the team master MXζ is affixed to said member list 46ζ in place of the signature of the sub master MYζ, and then said member list 46ζ is returned to the team data list storing device 31ζ. In this way, a member list signed by the sub master MYζ, who is not the member, is not stored in the team data list storing device 31ζ.

Team master self change 

[0482] Next, the procedure for the team master self change is explained with reference to Figure 73. In the following, it is assumed that the team master MXζ delegates the privilege to the team master MKζ in order to change the team master. The team master list 45ζ stored in the team data list storing device 31ζ is the same list that was shown in Figure 70 or Figure 72, and the member list 48ζ is the same list that was modified in the member change shown in Figure 70.
[0483] First, the team master MXζ requests the team data list administration device 30ζ to change the team master to the member MKζ. Then, the list creator verification unit 37ζ sends the reference request for the team master list 45ζ and the member list 48ζ to the team data list storing device 31ζ together with the group ID and the user's public key number of the team master MXζ, in the same way as Step S11ζ in Figure 70. (Step S41ζ)

[0484] In the team data list storing device 31ζ, the permission test unit 35ζ authenticates the member MXζ by Shake Hand in the same way as explained at Step S12ζ in Figure 70. Then, the permission test unit 35ζ verifies that the user's public key number of the member MXζ exists in the member list 48ζ, and also verifies that the member MXζ is the team master of the team T2ζ and was given the reference privilege for the requested list. (Step S42ζ)

[0485] Next, the permission test unit 35ζ transmits the team master list 45ζ and the member list 48ζ of the designated team T2ζ to the team data list administration device 30ζ in the same way as Step S13ζ of Figure 70. (Step S43ζ) At this time, the permission test unit 35ζ stores the team master list 45ζ in order to use it in the permission test executed later. Next, in the team data list administration device 30ζ, the list creator verification unit 37ζ examines each digital signature of the transmitted team master list 45ζ and member list 48ζ, and verifies whether each list was properly created by the team master MXζ and the sub master MYζ, who are included in the team master list 45ζ. (Step S44ζ) The list creator verification unit then delivers the two transmitted lists to the list modification unit 38ζ.

[0486] Next, the list modification unit 38ζ replaces the member MXζ, who is the team master described in the team master list 45ζ and the member list 48ζ, with the member MKζ, thereby creating the team master list 55ζ and the member list 56ζ respectively, and sends these two lists to the digital signature unit 39ζ. (Step S45ζ) The digital signature unit 39ζ retrieves the private key of the team master MXζ from the private key file mentioned above, creates the team master list 57ζ and the member list 58ζ by affixing the digital signature of the team master MXζ to the team master list 55ζ and the member list 56ζ, and returns these two lists to the team data list storing device 31ζ. (Step S46ζ)

[0487] In the team data list storing device 31ζ, the permission test unit 35ζ performs the permission test according to the flow chart shown in Figure 74, based on three lists: the two transmitted lists and the team master list 45ζ (i.e., the old team master list) stored in the previous Step S43ζ. Moreover, Figure 75 shows the state of the team master list or the member list that is compared and referred to at each step of Figure 74 when this permission test is done.
[0488] First, the permission test unit 35ζ retrieves the team master lists 57ζ and 45ζ as the new and old team master lists, and also retrieves the member list 58ζ as the new member list. (Step S61ζ) Next, the permission test unit 35ζ examines the digital signatures of the team master list 57ζ and the member list 58ζ. (Step S62ζ) If either one has been tampered with, an improper act has occurred while these two lists were being transmitted from the team data list administration device 30ζ (client CLζ) to the team data list storing device 31ζ (server SVζ), so the permission test unit 35ζ stops the team master change process.
[0489] On the other hand, if neither of the two transmitted lists has been tampered with, the permission test unit 35ζ examines the digital signature of the new team master list 57ζ and verifies that said digital signature was made by the team master MXζ, who is the signer of the old team master list 45ζ. (Step S63ζ) This verifies that the privilege was delegated by the person who was originally the team master; if the verification result of Step S63ζ is "NO", an unjust act such as a breach of privilege may have occurred, so the team master change process is stopped.

[0490] Naturally, in this case, since the digital signature of the member MXζ is affixed to the team master list 57ζ, the permission test unit 35ζ verifies whether or not the signer of the new team master list 57ζ has the master privilege, in order to distinguish the team master self change from other usual modifications. (Step S64ζ) For example, in the member change explained in Figure 70 mentioned above, the team master list 45ζ is digitally signed by the member MXζ, who has the master privilege; the same holds for the team master list 52ζ in the sub master change of Figure 72 (i.e., the decision result of Step S64ζ is "YES").
[0491] On the other hand, when the team master himself is changed, the time of Step S47ζ of Figure 73 corresponds to the transition period in which the privilege is being delegated from the member MXζ to the member MKζ, and the team master list 57ζ is in the transition state in which the member MKζ, who is the new administrator, is the master but the member MXζ, who is the old administrator, is the signer, so the signer of the team master list 57ζ appears not to have the master privilege. If such a state is detected and the team master self change is recognized (the decision result of Step S64ζ is "NO"), the permission test unit 35ζ examines the digital signature of the new member list 58ζ to verify whether or not said digital signature is included in the new team master list 57ζ, or whether or not the signer of said digital signature is the signer of one of the new and old team master lists 57ζ and 45ζ. (Step S65ζ) If neither condition is satisfied, an improper act such as tampering appears to have occurred, so the permission test unit 35ζ stops the team master change process.

In fact, in this case, since the signer of the member list 58ζ is the same as the signer of the new and old team master lists 57ζ and 45ζ, the permission test unit 35ζ can judge that the member list was created through the normal procedure. Through the process from Step S62ζ to Step S65ζ described above, it can be judged that the team master himself was changed through the normal operation by the team master MXζ.



[0492] Then, the permission test unit 35ζ sends the new and old team master lists 57ζ and 45ζ and the member list 58ζ to the team data list administration device 30ζ. (Step S48ζ) The process after this is done at the direction of the new team master MKζ, and rewrites the digital signatures of the team master list 57ζ and the member list 58ζ with the digital signature of the team master MKζ. In the team data list administration device 30ζ, the list creator verification unit 37ζ verifies the digital signature included in each transmitted list. (Step S49ζ) That is to say, the list creator verification unit 37ζ verifies that neither the digital signature of the old team master list 45ζ nor that of the new member list 58ζ has been tampered with, next verifies whether or not the digital signatures of the new and old team master lists 57ζ and 45ζ are identical, and furthermore verifies whether the member MXζ, who is the signer of said lists, has the privilege of the team master, on the basis of the description of the old team master list 45ζ. In this case, since all three of the conditions just described are satisfied, the list creator verification unit 37ζ delivers the team master list 57ζ and the member list 58ζ to the list modification unit 38ζ.

[0493] Next, the list modification unit 38ζ creates the team master list 59ζ and the member list 60ζ on the basis of the team master list 57ζ and the member list 58ζ, and delivers them to the digital signature unit 39ζ. The digital signature unit 39ζ retrieves the private key of the member MKζ from the private key file mentioned above, etc., affixes the digital signature of the member MKζ to each of the team master list 59ζ and the member list 60ζ to create the team master list 61ζ and the member list 62ζ, and then returns these lists to the team data list storing device 31ζ. (Step S50ζ) In the team data list storing device 31ζ, the permission test unit 35ζ performs the permission test on the transmitted team master list 61ζ and member list 62ζ according to the procedure shown in Figure 74. (Step S51ζ) In this case, since the signer of both of these lists is the team master MKζ, both lists can be judged to be proper. In addition, since this is a usual modification, the decision result of Step S64ζ of Figure 74 is "YES". However, if the authenticity of the transmitted lists cannot be verified, the permission test unit 35ζ stops the processing without updating the team master list and the member list. The team master self change is performed through the process described above.

[0494] In addition, during the transition period from Step S47ζ to Step S51ζ in Figure 73, when a member list reference request, a member list modification request, or a master change request is made from the team data list administration device 30ζ to the team data list storing device 31ζ, the following verification of the list creator is done in the team data list administration device 30ζ and the team data list storing device 31ζ.
[0495] First, when there is a member list reference request from the team data list administration device 30ζ, the team data list storing device 31ζ transmits the old team master list 45ζ and the new member list 58ζ to the team data list administration device 30ζ. In the team data list administration device 30ζ, after verifying whether or not the digital signatures of the two transmitted lists have been tampered with, the list creator verification unit 37ζ verifies whether or not the signer of said lists (in the case of Figure 73, the member MXζ) has the privilege of the team master, on the basis of the description of the old team master list 45ζ.

[0496] On the other hand, when there is a member list modification request or a master change request from the team data list administration device 30ζ, the team data list storing device 31ζ transmits the new and old team master lists 57ζ and 45ζ and the new member list 58ζ to the team data list administration device 30ζ. In the team data list administration device 30ζ, the list creator verification unit 37ζ verifies whether or not the digital signatures of the two transmitted lists have been tampered with, as it does in the case of the member list reference request. Next, the list creator verification unit 37ζ compares the digital signatures of the new and old team master lists 57ζ and 45ζ to verify whether or not they match. Next, the list creator verification unit 37ζ verifies whether or not the signer of the old team master list 45ζ has the privilege of the team master, as it does in the case of the member list reference request.

Automation of the team master verification 

[0497] In the example described above, whenever the team data list is used, the user needs to verify on the client CLζ side whether the team master is really the right one. For example, the following message is displayed on the display of the computer which constitutes the team data list administration device 30ζ: "This list is administrated normally, with the following members serve as the administrator. Identifier: the member MXζ, Organization: MITSUBISHI MATERIALS CORP. Click O.K. button with a mouse to continue the operation." That is to say, since the user needs to confirm this message visually, the user may find it troublesome. To improve this point, the following unit may be added as a new unit that cooperates with the list creator verification unit 37ζ, or may be incorporated as one unit of the list creator verification unit 37ζ.
[0498] That is, the public key of the team master is registered beforehand, for every team, in the public key database 41ζ (refer to Figure 66) on the client CLζ side, and the public key administration unit 40ζ retrieves the public key of the team master from the public key database 41ζ and notifies the list creator verification unit 37ζ of it. Alternatively, a serial number, etc., for identifying the public key may be registered in the public key database 41ζ as the information about the public key; after the public key administration unit 40ζ retrieves this serial number from the public key database 41ζ, it uses the serial number to retrieve the public key registered outside the team data list administration device 30ζ, and delivers it to the list creator verification unit 37ζ.

[0499] The list creator verification unit 37ζ, instead of showing the above-mentioned message on the display of the computer, verifies the digital signature included in the team master list transmitted from the team data list storing device 31ζ on the basis of the public key of the team master notified from the public key administration unit 40ζ, and can thereby judge that the signature in question is that of the team master. In this way, the authenticity of the team master can be verified without visual confirmation by the user on the basis of what is shown on the display.
[0500] Automation of the team master verification at 
the time of the team master change. 
[0501] When the team master is changed from the member MXζ to the member MKζ by the normal procedure, as shown in Figure 73, the public key of the member MXζ, who is the old administrator, can no longer be used for the team master. Therefore, it is necessary to modify the public key of the team master registered on the client CLζ side automatically, without the user's intervention. To realize this modification, the following processes may be done after creating the final team master list 61ζ (refer to Figure 73), i.e., after Step S51ζ.
[0502] First, in the team data list storing device 31ζ, the permission test unit 35ζ transmits the old team master list, the team master list of the transition period, and the final team master list (i.e., the team master lists 45ζ, 57ζ, and 61ζ) to the team data list administration device 30ζ. In the team data list administration device 30ζ, the list creator verification unit 37ζ learns through the public key administration unit 40ζ that the member MXζ is registered as the team master in the public key database 41ζ. Next, the list creator verification unit 37ζ can verify, from the three lists transmitted from the team data list storing device 31ζ, that the member MXζ, who was the old administrator, delegated the privilege to the member MKζ, who is the new administrator, in conformity with the normal procedure.
[0503] That is to say, the team master registered in the team master lists 45ζ, 57ζ, and 61ζ has changed from the member MXζ to the member MKζ to the member MKζ respectively, while the digital signatures affixed to these lists have changed from the member MXζ to the member MXζ to the member MKζ respectively. From these facts, the list creator verification unit 37ζ changes, through the public key administration unit 40ζ, the public key of the person registered in the public key database 41ζ as the team master from the public key of the member MXζ to the public key of the member MKζ. In addition, the user may also be asked for verification at the time of the change of the team master, since the change of the team master does not occur very often. Moreover, various information other than the public key can, of course, be used as the information for verification of the team master.
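The server-side permission test of Steps S62ζ to S65ζ and the client-side update of the registered team master key described in [0502] and [0503], as an added Python example that is not code from the patent. The toy RSA signature built from Mersenne primes, the list field names, the member-signer check on the usual-modification branch, and the outsider MZ are assumptions made for the illustration.

```python
import hashlib
import json

E = 65537  # public exponent shared by every toy key


def keypair(p, q):
    """Textbook RSA key from two Mersenne primes: a stand-in signature, not secure."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))


M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))
# Constructed keys for the page's members MX, MK, MY and a hypothetical outsider MZ.
_KEYS = {"MX": keypair(M127, M89), "MK": keypair(M127, M107),
         "MY": keypair(M107, M89), "MZ": keypair(M127, M61)}
PUBKEYS = {name: n for name, (n, _d) in _KEYS.items()}


def _digest(body, n):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(body, signer):
    """Return a signed list: the body, the signer's identifier and the signature."""
    n, d = _KEYS[signer]
    return {"body": body, "signer": signer, "sig": pow(_digest(body, n), d, n)}


def signature_ok(lst):
    n = PUBKEYS.get(lst["signer"])
    return n is not None and pow(lst["sig"], E, n) == _digest(lst["body"], n)


def listed_masters(master_list):
    body = master_list["body"]
    return {body["master"], *body["sub_masters"]}


def permission_test(old_master, new_master, new_members):
    """Server side, Steps S62 to S65: returns a verdict string."""
    # S62: both transmitted lists must carry an intact signature.
    if not (signature_ok(new_master) and signature_ok(new_members)):
        return "reject:S62"
    # S63: the new master list must be signed by the signer of the old one.
    if new_master["signer"] != old_master["signer"]:
        return "reject:S63"
    # S64: is the signer still the team master named in the new list?
    if new_master["signer"] == new_master["body"]["master"]:
        # YES: usual modification. Assumption (not spelled out on the page):
        # the member list signer must be a master or sub master in the new list.
        ok = new_members["signer"] in listed_masters(new_master)
        return "usual" if ok else "reject:member-signer"
    # S65 (S64 was NO, transition state): the member list signer must be listed
    # in the new master list or be the signer of the new or old master list.
    allowed = listed_masters(new_master) | {new_master["signer"], old_master["signer"]}
    return "self-change" if new_members["signer"] in allowed else "reject:S65"


def rotate_pin(pinned, old, transition, final):
    """Client side ([0502], [0503]): return the member whose key should be pinned."""
    lists = (old, transition, final)
    if not all(signature_ok(lst) for lst in lists):
        return pinned
    masters = [lst["body"]["master"] for lst in lists]
    signers = [lst["signer"] for lst in lists]
    new = final["body"]["master"]
    # Normal hand-over: masters go old, new, new while signers go old, old, new.
    if masters == [pinned, new, new] and signers == [pinned, pinned, new]:
        return new
    return pinned


def master_body(master, subs=("MY",)):
    return {"team": "T2", "master": master, "sub_masters": list(subs)}


# Constructed sample lists, numbered as in Figure 73.
LIST_45 = sign(master_body("MX"), "MX")   # old team master list
LIST_57 = sign(master_body("MK"), "MX")   # transition: MK is master, MX signed
LIST_58 = sign({"team": "T2", "members": ["MK", "MY"]}, "MX")  # new member list
LIST_61 = sign(master_body("MK"), "MK")   # final list signed by the new master

if __name__ == "__main__":
    print(permission_test(LIST_45, LIST_57, LIST_58))
    print(rotate_pin("MX", LIST_45, LIST_57, LIST_61))
```
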

[0504] In addition, although only one member list was prepared in the example described above, the team master self change and the resource administration by multiple team masters are also realizable when multiple member lists are used. For example, the member list may be subdivided into two or more member lists according to the privilege held by each member. This makes it possible for the information shared by the members belonging to each member list to differ from one member list to another.

[0505] As described above, in the record media in which the team data list administration program is recorded, the team data list administration program makes the computer execute the following processes:

(1) The process which notifies a designated destination of the information for the principal identification/authentication of the modification director, and which retrieves from said destination the team data list, which includes the information about the team formed by the members sharing the resource and the digital signature of the master having the administration privilege for said information, and which is prepared in correspondence with the privilege of the members belonging to the team;

(2) The verification process which verifies, on the basis of the content of said retrieved team data list, whether or not said team data list was created by the master who has the privilege;

(3) The list modification process which applies the modification corresponding to the above-mentioned modification directive to the data list that has been verified as created by the master having the privilege;

(4) The signing process which creates the digital signature of said director, affixes said digital signature to said team data list modified by said modification process, and sends it to said destination.

[0506] Moreover, the above-mentioned team data list administration program uses, as the above-mentioned team data list, one or more member lists which include at least the member information about the above-mentioned members and the digital signature of the above-mentioned master, and the master list which includes at least the master information showing the privilege of the above-mentioned master and the digital signature of said master.

Moreover, in the above-mentioned team data list administration program, the team master having the privilege of modifying the above-mentioned master list is included in the above-mentioned master. The above-mentioned modification directive is the modification directive of the above-mentioned team master. The above-mentioned verification process may have the process which sends the above-mentioned modified member list and master list to the above-mentioned destination, and the process which verifies the digital signature of the above-mentioned master included in the member list and the master list at the transition period when said lists are returned from said destination in response. The above-mentioned signing process may also have the process which creates the digital signature of the team master after the modification directed by the above-mentioned modification directive, and the process which returns to the above-mentioned destination the new member list and new master list in which said digital signature is affixed to the member list and the master list at said transition period.
[0507] And, the above-mentioned team data list administration program may also make the computer further execute the process which retrieves the identification information for identifying the above-mentioned team master himself from the designated place where it was registered beforehand, and the process which verifies whether or not the digital signature of the master is the digital signature of the above-mentioned team master, on the basis of the identification information of the above-mentioned team master and the digital signature of said master included in the above-mentioned member list and master list transmitted from the above-mentioned destination.

And, the above-mentioned team data list administration program may also make the computer further execute the process which verifies that the above-mentioned team master was changed through the normal procedure, on the basis of the change in the contents of the master list retrieved at the time of the above-mentioned modification directive, the master list at the above-mentioned transition period, and the above-mentioned new master list; the process which retrieves the identification information of the team master after the modification directed by the above-mentioned modification directive; and the process which updates, with said identification information, the identification information of the team master before the modification, which was registered beforehand.

[0508] On the other hand, in the record media in which the team data list storing program is recorded, the team data list storing program makes the computer execute the following processes:

(1) The memorizing process which memorizes beforehand the team data list, which includes the information about the team comprising the members sharing the resources and the digital signature of the master having the administration privilege for said information, and which is prepared in correspondence with the privilege of the members in the team;

(2) The process which, when a reference request for said team data list is sent from a designated claimant, judges whether or not the director who made said reference request has the privilege for the request, on the basis of the information for the identification/authentication of the director himself, and then sends said team data list to said claimant only when said claimant has the privilege for said request;

(3) The permission test process which, when an updating request is sent from said claimant, verifies the authenticity of the team data list on the basis of the content of said team data list sent from the claimant, and then updates said memorized team data list only when said authenticity is verified.

[0509] Moreover, in the above-mentioned team data list storing program, the above-mentioned memorizing process may also make the computer execute the process which memorizes beforehand one or more member lists including at least the member information about the above-mentioned members and the digital signature of the above-mentioned master, and the process which memorizes beforehand the master list including at least the master information indicating the privilege of said master and the digital signature of said master.
[0510] Moreover, in the above-mentioned team data list storing program, the above-mentioned master list includes the team master who has the privilege of modifying the above-mentioned master list, and the above-mentioned permission test process may also make the computer execute the following processes, that is to say:

the process which stores the master list before the modification as the old master list when the modification directive for said team master by said director is notified from the above-mentioned claimant;

the process which sends said master list and the above-mentioned member list to said claimant according to the request of said claimant, and detects the modification of said team master by receiving from said claimant the master list and the member list at the transition state, in which the information about said team master has been modified;

the process which verifies the authenticity of the modification of said team master on the basis of said master list and member list at the transition state, when the modification of said team master is detected;

the process which, when the authenticity of said modification is verified, sends said master list and member list at the transition state to said claimant, verifies the authenticity of the new master list and member list received from said claimant, in which the digital signature of the team master after said modification designated by said modification directive is affixed to said lists at the transition state, and updates said memorized master list and member list only when said authenticity is verified.

[0511] As explained above, the invention of Example 6 has the following effects.
In this invention, according to the modification directive from the master having the proper permission, the team data lists, such as the master list and the member list, stored in the server, etc., are retrieved, and, after verifying that these lists were properly created by the master having the proper privilege, these lists are modified and returned to the destination. In this way, it is detectable that a person not having the proper privilege, such as a general member other than the master, the manager of the server, or a cracker, has operated on the team data list unjustly.

[0512] Moreover, since the team master himself can change the team master in this invention, the delegation of the privilege of the team master can be realized without intervention of the administrator of the server, etc., where the team data list is stored. And since a structure in which the team data list is administrated by multiple managers is realizable, it becomes possible to alleviate the concentration of load on a few administrators.

[0513] Moreover, since the signature of the master is included in the team data list in this invention, it becomes possible to detect unjust acts, such as tampering, made to the team data list.
Moreover, when a reference request or update request for the team data list is made in this invention, a permission test is done to check whether or not the director who made the request has the proper privilege, so a person not having the privilege can be prevented from doing improper acts.

[0514] Moreover, in this invention, the information for identification/authentication of the team master himself, such as the public key, is registered beforehand, said information is compared with the digital signature of the master in the team data list, and when the team master is changed, this modification is detected and the registered public key, etc., of the team master is updated accordingly. In this way, it becomes unnecessary for the user to do the troublesome work of confirming the team master visually whenever the user operates on the team data list, and the user can recognize the team master automatically.

[0515] In addition, the "computer system" here includes the hardware, such as OS and the peripheral devices. Moreover, "the record media in which computer reading is possible" means transferable media, such as floppy disks, magneto-optical disks, ROM, and CD-ROM, and memory devices, such as the hard disk installed in the computer system. Furthermore, "the computer readable record media" includes what holds programs dynamically for a short time (the transmission medium and transmission wave), like the communication wire in the case of transmitting programs through communication lines such as a network, the internet, or a telephone line, and also includes what holds programs for a fixed time, like the volatile memories inside the computer system which is the server or the client in that case. Moreover, the above-mentioned programs are for realizing one part of the units mentioned above, and said programs can also realize the units mentioned above in combination with programs already recorded in the computer system.
[0516] Finally, not all combinations of the characteristic features required by these examples are enumerated. Moreover, combinations other than those explained above may also be applied to the invention.

Claims 

1. An information sharing system which employs the 
secret key cryptography and public key cryptogra- 
phy, wherein a secret key can be shared within at 
least a group, said information sharing system com- 
prising: 

an information storing device which can at least 
be accessed by multiple members, and which 
is capable of storing the digital signature of the 
team master, a member list including public key 
information regarding members, a secret key 
list including encrypted key information, and 
encrypted data; 

a storing unit for storing the public key for at 
least one member which is permitted to view 
information; 

an encryption unit for encrypting input informa- 
tion based on said secret key cryptography 
which uses a secret key for encrypting informa- 
tion, thereby generating encrypted data; 
an encrypted key generation unit for encrypting 
the secret key used for encryption with a public 
key stored in said storing unit and specified, 
thereby generating an encrypted key; 
a transmitting unit for transmitting said plurality 
of encrypted keys and encrypted data to said 
information storing device; 
a list administration unit which obtains a member
list from said information storing device,
judges whether or not the signature of the team
master of said member list matches the specified
signature, performs registration of public
keys of members to be added or deletion of
canceling member's public keys only in the
event that said signatures match, and in the
event of additional registration or cancellation,
creates a new member list including at least the
signature of the team master and public key
information of members, and transmits the created
member list to said information storing
device; and

an encryption/decryption device which has a
decryption unit for obtaining desired encrypted
key information and encrypted data from said
information storing device, decrypting said
secret key from this encrypted key information,
and decrypting the obtained encrypted data
with the decrypted secret key.

2. An information sharing system according to Claim
1, wherein said information storing device and said
encryption/decryption device further comprise a
transmission/reception notification unit for, in the
event that information or data is transmitted from a
sender side to a recipient side, performing
transmission notification wherein the reception side is
notified that information or data has been
transmitted from said transmission side, and performing
reception notification wherein the transmission side
is notified that information or data has been
received by said reception side indeed.

3. An information sharing system according to Claim
1, wherein said encryption/decryption device further
comprises an output unit for obtaining at least
encrypted key information from the secret key list in
said information storing device, decrypting the
secret key from this encrypted key information,
encrypting input information based on said secret
key cryptography with the decrypted secret key so
as to generate encrypted data, and outputting said
encrypted data to said transmitting unit.

4. An information processing method for an information
sharing system which employs the secret key
cryptography and public key cryptography, wherein
a secret key can be shared within at least a group,
and wherein an information storing device, which
can at least be accessed by multiple members,
stores the signature of the team master, a member
list including public key information regarding
members, a secret key list including encrypted key
information, and encrypted data, said method
comprising the steps of:

a step for obtaining the member list from said
information storing device in the event of
additional registration or cancellation of a member
belonging to the group;

a step for judging whether or not the signature
of the team master of said member list matches
the specified signature;

a step for creating a new member list including
at least the signature of the team master and
public key information of members only in the
event that said signatures match; and
a step for transmitting the created member list
to said information storing device.

5. An information processing method for an informa- 
tion sharing system which employs the secret key 
cryptography and public key cryptography, wherein 
a secret key can be shared within at least a group, 
and wherein an information storing device, which 
can at least be accessed by multiple members, 
stores the signature of the team master, at least a 
member list including public key information regard- 
ing members, a secret key list including encrypted 
key information, and encrypted data, said method 
comprising the steps of: 

a step for obtaining the member list from said 
information storing device in the event of regis- 
tering a secret key to be used by members 
belonging to the group; 

a step for judging whether or not the signature
of the team master of said member list matches 
the specified signature; 

a step for encrypting the secret key to be regis- 
tered using said specified secret key, only in 
the event that said signatures match; and 
a step for transmitting the encrypted secret key 
to said information storing device. 

6. An information processing method for an informa- 
tion sharing system according to Claim 5 which 
employs the secret key cryptography and public key 
cryptography, wherein a secret key can be shared 
within at least a group, and wherein an information 
storing device, which can at least be accessed by 
multiple members, stores at least the signature of 
the team master, a member list including public key 
information regarding members, a secret key list 
including encrypted key information, and encrypted 
data, said method further comprising: 

a transmission/reception notification step for, in 
the event that information or data is transmitted 
from a sender side to a recipient side, perform- 
ing transmission notification wherein the recep- 
tion side is notified that information or data has 
been transmitted from said transmission side, 
and performing receiving notification wherein 
the transmission side is notified that informa- 
tion or data has been received by said recep- 
tion side indeed. 

7. An information processing method for an informa- 
tion sharing system which employs the secret key 
cryptography and public key cryptography, wherein 
a secret key can be shared within at least a group, 
and wherein an information storing device which
can at least be accessed by multiple members
stores at least the signature of the team master, a
group list including public key information regarding
members, a secret key list including encryption key
information, and encryption data, said method
comprising the steps of:

a step for obtaining at least encrypted key
information from the secret key list in said
information storing device;

a step for decrypting a secret key from this
encrypted key information;
a step for encrypting input information based
on said common key cryptography with the
decrypted secret key so as to generate
encrypted data; and

a step for transmitting the encrypted data to
said information storing device.

8. An information processing method for an information
sharing system according to Claim 7 which
employs the secret key cryptography and public key
cryptography, wherein a secret key can be shared
within at least a group, and wherein an information
storing device which can at least be accessed by
multiple members stores at least the signature of
the team master, a member list including public key
information regarding members, a secret key list
including encrypted key information, and encrypted
data, said method further comprising:

a transmission/reception notification step for, in
the event that information or data is transmitted
from a sender side to a recipient side, performing
transmission notification wherein the reception
side is notified that information or data has
been transmitted from said transmission side,
and performing reception notification wherein
the transmission side is notified that information
or data has been received by said reception
side indeed.

9. An information processing method for an information
sharing system which employs the secret key
cryptography and public key cryptography, wherein
a secret key can be shared within at least a group,
and wherein an information storing device which
can at least be accessed by multiple members
stores at least the signature of the team master, a
member list including public key information regarding
members, a secret key list including encrypted
key information, and encrypted data, said method
comprising the steps of:

a step for obtaining desired encrypted key
information and encrypted data from said
information storing device;

a step for decrypting the secret key from this
encrypted key information; and

a step for decrypting the obtained encrypted
data with the decrypted secret key.

10. An information processing method for an information
sharing system according to Claim 9 which
employs the secret key cryptography and public key
cryptography, wherein a secret key can be shared
within at least a group, and wherein an information
storing device which can at least be accessed by
multiple members stores at least the signature of
the team master, a member list including public key
information regarding members, a secret key list
including encrypted key information, and encrypted
data, said method further comprising:

a transmission/reception notification step for, in
the event that information or data is sent from a
sender side to a recipient side, performing
transmission notification wherein the reception
side is notified that information or data has
been transmitted from said transmission side,
and performing reception notification wherein
the transmission side is notified that information
or data has been received by said reception
side indeed.

11. A computer-readable recording medium storing
programs for causing a computer to execute the
following steps:

a step for obtaining a member list from an
information storing device which can at least be
accessed by multiple members, and which is
capable of storing the signature of the team
master, a member list including public key
information regarding members, a secret key list
including encrypted key information, and
encrypted data;

a step for judging whether or not the signature
of the team master of said member list matches
the specified signature;

a step for creating a new member list including
at least the signature of the team master and
public key information of members only in the
event that said signatures match; and
a step for transmitting the encrypted secret key
to said information storing device.

12. A computer-readable recording medium storing
programs for causing a computer to execute the
following steps:

a step for obtaining a member list from an
information storing device which can at least be
accessed by multiple members, and which is
capable of storing the signature of the team
master, a member list including public key
information regarding members, a secret key list
including encrypted key information, and
encrypted data;

a step for judging whether or not the signature 
of the team master of said member list matches 
the specified signature; 

a step for encrypting the secret key to be regis- 
tered using said specified secret key, only in 
the event that said signatures match; and 
a step for transmitting the created member list 
to said information storing device. 

13. A computer-readable recording medium according 
to Claim 12 further storing programs for causing a 
computer to execute a transmission/reception noti- 
fication step for, in the event that information or data 
is sent from a sender side to a recipient side, per- 
forming transmission notification wherein the 
reception side is notified that information or data 
has been transmitted from said transmission side, 
and performing reception notification wherein the 
transmission side is notified that information or data 
has been received by said reception side indeed. 

14. A computer-readable recording medium storing 
programs for causing a computer to execute the fol- 
lowing steps: 

a step for obtaining at least encrypted key infor- 
mation from the secret key list in an information 
storing device which can at least be accessed 
by multiple members, and which is capable of 
storing the signature of the team master, a 
member list including public key information 
regarding members, a secret key list including 
encrypted key information, and encrypted data; 
a step for decrypting a secret key from this 
encrypted key information; 
a step for encrypting input information based 
on said secret key cryptography with the 
decrypted secret key so as to generate 
encrypted data; and 

a step for transmitting the encrypted data to 
said information storing device. 

15. A computer-readable recording medium according 
to Claim 14 further storing programs for causing a 
computer to execute a transmission/reception noti- 
fication step for, in the event that information or data 
is sent from a sender side to a recipient side, per- 
forming transmission notification wherein the 
reception side is notified that information or data 
has been transmitted from said transmission side, 
and performing reception notification wherein the 
transmission side is notified that information or data 
has been received by said recipient side indeed. 

16. A computer-readable recording medium storing
programs for causing a computer to execute the
following steps:

a step for obtaining desired encrypted key
information and encrypted data from said
information storing device storing at least the
signature of the team master, a member list including
public key information regarding members, a
secret key list including encrypted key
information, and encrypted data;
a step for decrypting the secret key from this
encrypted key information; and
a step for decrypting the obtained encrypted
data with the decrypted secret key.

17. A computer-readable recording medium according
to Claim 16 further storing programs for causing a
computer to execute a transmission/reception
notification step for, in the event that information or data
is sent from a sender side to a recipient side,
performing transmission notification wherein the
reception side is notified that information or data
has been transmitted from said transmission side,
and performing reception notification wherein the
transmission side is notified that information or data
has been received by said reception side indeed.

18. An information storing device which can at least be
accessed by multiple members, and which is capable
of storing a member list including public key
information regarding members, a secret key list
including encrypted key information, and encrypted
data, and which employs the secret key cryptography
and public key cryptography, wherein a secret
key can be shared within at least a group, said
device comprising:

a member list administration unit capable of
changing said member list in response to a
member list manipulation request;
a secret key administration unit for registering a
secret key for which a request has been made
to said secret key list in response to a
registration request for a secret key, this registration
including the encrypted key information of said
secret key, and selecting a secret key optimal
for sharing information within a certain group at
the time of the request, in response to the
secret key request, and transmitting the
selected secret key to the requesting
destination; and

an encrypted data administration unit for storing
the encrypted data along with secret key
information used for encrypting said data in
response to the registration request of the
encrypted data, and transmitting the relevant
stored encrypted data and secret key information
to the requesting destination in response to
the request for obtaining encrypted data.

19. An information storing device according to Claim 
18, wherein said member list administration unit 
and secret key administration unit change said 
member list and secret key list so that in the event 
of newly registering a member to a certain group, 
information shared by the group before the time of 
registration can be read. 

20. An information storing device according to Claim 
18, wherein said member list administration unit 
and secret key administration unit change said 
member list and secret key list so that in the event 
of deleting a member from a certain group, informa- 
tion shared by the group after the member is 
deleted cannot be read by the deleted member. 

21. An information processing method for an informa- 
tion storing device which can at least be accessed 
by multiple members, and which is capable of stor- 
ing a member list including public key information 
regarding members, a secret key list including 
encrypted key information, and encrypted data, and 
which employs the secret key cryptography and 
public key cryptography, wherein a secret key can 
be shared within at least a group, said method com- 
prising the steps of: 

a step for changing said member list in 
response to a member list manipulation 
request; 

a step for registering a secret key for which a 
request has been made to said secret key list in 
response to a registration request for a secret 
key, this registration including the encrypted 
key information of said secret key; 
a step for selecting a secret key optimal for 
sharing information within a certain group at 
the time of the request, in response to the 
secret key request, and transmitting the 
selected secret key to the requesting destina- 
tion; 

a step for storing the encrypted data along with 
secret key information used for encrypting said 
data in response to the registration request of 
the encrypted data; and 
a step for transmitting the relevant stored 
encrypted data and secret key information to 
the requesting destination in response to the 
request for obtaining encrypted data. 

22. An information processing method for an informa- 
tion storing device according to Claim 21, further 
comprising a step for changing said member list 
and secret key list so that in the event of newly reg- 
istering a member to a certain group, information 
shared by the group before the time of registration 
can be read.

23. An information processing method for an information
storing device according to Claim 21, further
comprising a step for changing said member list
and secret key list so that in the event of deleting a
member from a certain group, information shared
by the group after the member is deleted cannot be
read by the deleted member.

24. A computer-readable recording medium storing
programs for causing a computer to execute the
following steps:

a step for changing said member list in
response to a member list manipulation
request;

a step for registering a secret key for which a
request has been made to said secret key list in
response to a registration request for a secret
key, this registration including the encrypted
key information of said secret key;
a step for selecting a secret key optimal for
sharing information within a certain group at
the time of the request, in response to the
secret key request, and transmitting the
selected secret key to the requesting
destination;

a step for storing the encrypted data along with
secret key information used for encrypting said
data in response to the registration request of
the encrypted data; and
a step for transmitting the relevant stored
encrypted data and secret key information to
the requesting destination in response to the
request for obtaining encrypted data.

25. A computer-readable recording medium storing
programs for causing a computer to execute the
following steps:

a step for changing said member list in
response to a member list manipulation
request;

a step for registering a secret key for which a
request has been made to said secret key list in
response to a registration request for a secret
key, this registration including the encrypted
key information of said secret key;
a step for selecting a secret key optimal for
sharing information within a certain group at
the time of the request, in response to the
secret key request, and transmitting the
selected secret key to the requesting
destination;
a step for storing the encrypted data along with
secret key information used for encrypting said
data in response to the registration request of
the encrypted data;

a step for transmitting the relevant stored 
encrypted data and secret key information to 
the requesting destination in response to the 
request for obtaining encryption data; and 
a step for changing said member list and secret 
key list so that in the event of newly registering 
a member to a certain group, information 
shared by the group before the time of registra- 
tion can be read. 

26. A computer-readable recording medium storing 
programs for causing a computer to execute the fol- 
lowing steps: 

a step for changing said member list in 
response to a member list manipulation 
request; 

a step for registering a secret key for which a 
request has been made to said secret key list in 
response to a registration request for a secret 
key, this registration including the encrypted 
key information of said secret key; 
a step for selecting a secret key optimal for 
sharing information within a certain group at 
the time of the request, in response to the 
secret key request, and transmitting the 
selected secret key to the requesting destina- 
tion; 

a step for storing the encrypted data along with 
secret key information used for encrypting said 
data in response to the registration request of 
the encrypted data; 

a step for transmitting the relevant stored 
encrypted data and secret key information to 
the requesting destination in response to the 
request for obtaining encrypted data; and 
a step for changing said member list and secret 
key list so that in the event of deleting a mem- 
ber from a certain group, information shared by 
the group after the member is deleted cannot 
be read by the deleted member. 

27. A computer-readable recording medium storing 
programs for causing a computer to execute the fol- 
lowing steps: 

a step for changing said member list in 
response to a member list manipulation 
request; 

a step for registering a secret key for which a 
request has been made to said secret key list in 
response to a registration request for a secret 
key, this registration including the encrypted 
key information of said secret key; 
a step for selecting a secret key optimal for
sharing information within a certain group at
the time of the request, in response to the
secret key request, and transmitting the
selected secret key to the requesting
destination;

a step for storing the encrypted data along with
secret key information used for encrypting said
data in response to the registration request of
the encrypted data;

a step for transmitting the relevant stored
encrypted data and secret key information to
the requesting destination in response to the
request for obtaining encrypted data;
a step for changing said member list and secret
key list so that in the event of newly registering
a member to a certain group, information
shared by the group before the time of
registration can be read; and

a step for changing said member list and secret
key list so that in the event of deleting a
member from a certain group, information shared by
the group after the member is deleted cannot
be read by the deleted member.

28. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said sending terminal via a network,
whereby information is sent and received between
said sending terminal and receiving terminal, said
information tamper detection device comprising:

a received contents confirmation data creation
unit for creating received contents confirmation
data indicating that said receiving terminal has
confirmed reception of said information;
a sending unit for sending said received
contents confirmation data via said network;
a receiving unit for receiving said receiving
contents confirmation data via said network;
and
a tamper detection unit which compares said
information sent from said sending terminal
with said receiving contents confirmation data,
and detects tampering by the comparison
results.

29. An information tamper detection device according
to Claim 28, wherein said received contents
confirmation data creation unit creates said receiving
contents confirmation data based on one or a
combination of a plurality of the following:

all or part of said information received by said
receiving terminal;

a message digest consisting of all or part of
said information digested by using Hash
function;

sender information relating to the sender;
recipient information relating to the recipient;
and

communication information.

30. An information tamper detection device according 
to Claim 28, wherein said receiving contents confir- 
mation data creation unit creates said receiving 
contents confirmation data based on a message 
digest consisting of one or a combination of a plu- 
rality of the following, digested by using Hash func- 
tion: 

all or part of said information received by said 
receiving terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 

sender information relating to the sender; 
recipient information relating to the recipient; 
and 

communication information. 

31. An information tamper detection device according 
to Claim 28, wherein said receiving contents confir- 
mation data creation unit creates said receiving 
contents confirmation data regarding one or a com- 
bination of a plurality of the following, bearing a dig- 
ital signature: 

all or part of said information received by said 
receiving side terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 

sender information relating to the sender; 
recipient information relating to the recipient; 
and 

communication information. 

32. An information tamper detection device according
to Claim 28, wherein said receiving contents
confirmation data creation unit

creates information consisting of one or a
combination of a plurality of the following:

all or part of said information received by
said receiving terminal;
a message digest consisting of all or part
of said information digested by using Hash
function;
sender information relating to the sender;
recipient information relating to the
recipient; and
communication information;

creates a message digest comprised of said
combination of information digested by using
Hash function, and said combination of
information bearing a digital signature; and
creates as the receiving contents confirmation
data, a combination of two or more of the
following:

said combination of information;
said message digest; and
said digital signed information.

33. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said sending terminal via a network,
whereby information is sent and received between
said sending terminal and receiving terminal, said
information tamper detection device comprising:

a receiving contents confirmation data creation
unit for creating receiving contents confirmation
data indicating that said receiving terminal
has confirmed reception of said information;
a transmitting unit for transmitting said receiving
contents confirmation data via said network;

a receiving unit for receiving said receiving
contents confirmation data via said network;
and

a computer-readable recording medium storing
tampering-detection programs causing a computer
to serve as a tamper detection unit which
compares said information sent from said
sending terminal with said receiving contents
confirmation data, and detects tampering by
the comparison results.

34. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said transmitting terminal via a
network, whereby information is sent and received,
said information tamper detection device
comprising:

a receiving unit provided to said sending
terminal, which receives received contents
confirmation data via said network, said received
contents confirmation information having been
generated by said receiving terminal and
indicating that said receiving terminal has
confirmed reception of said information; and
a tamper detection unit provided to said sender
side, which compares said received contents
confirmation data received from said receiving
unit with said information sent from said
sending terminal, and detects tampering based on
the comparison results thereof.

35. An information tamper detection device according
to Claim 34, wherein said received contents
confirmation data comprises information consisting of
one or a combination of a plurality of the following:

all or part of said information received by said 
receiving terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 

sender information relating to the sender; 
recipient information relating to the recipient; 
and 

communication information. 

36. An information tamper detection device according 
to Claim 34, wherein said received contents confir- 
mation data comprises information consisting of a 
message digest consisting of one or a combination 
of a plurality of the following, digested by using 
Hash function: 

all or part of said information received by said 
receiving terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 

sender information relating to the sender; 
recipient information relating to the recipient; 
and 

communication information. 

37. An information tamper detection device according 
to Claim 34, wherein said received contents confir- 
mation data comprises information consisting of 
one or a combination of a plurality of the following, 
bearing a digital signature: 

all or part of said information received by said 
receiving terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 

sender information relating to the sender; 
recipient information relating to the recipient; 
and 

communication information. 

38. An information tamper detection device according 
to Claim 34, wherein said receiving contents confir- 
mation data is created based on information con- 
sisting of one or a combination of a plurality of the 
following: 

all or part of said information received by said 
receiving terminal; 

a message digest consisting of all or part of 
said information digested by using Hash func- 
tion; 
sender information relating to the sender;
recipient information relating to the recipient; 
and 

communication information; 

is created as a message digest comprised
of said combination of information digested
by using Hash function, and said combination
of information bearing a digital signature; and
comprises a combination of two or more of
the following:

said combination of information;

said message digest; and

said digital signed information.

39. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said sending terminal via a network,
whereby information is sent and received, said
information tamper detection device comprising:

a receiving unit provided to said sending terminal,
which receives received contents confirmation
data via said network, said received
contents confirmation data having been generated
by said receiving terminal and indicating
that said receiving terminal has confirmed
reception of said information; and
a computer-readable recording medium storing
tampering-detection programs causing a computer
to serve as a tamper detection unit provided
to said sender side, which compares said
reception contents confirmation information
received from said receiving unit with said information
sent from said sending terminal, and
detects tampering based on the comparison
results thereof.

40. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said sending terminal via a network,
whereby information is sent and received between
said sending terminal and receiving terminal, said
information tamper detection device comprising:

a received contents confirmation data creation
unit for creating receiving contents confirmation
data indicating that said receiving terminal
has confirmed reception of said information;
a sending unit for sending said received contents
confirmation data via said network;
a receiving unit for receiving said received contents
confirmation data via said network; and
a sent contents confirmation data creation unit
which creates sent contents confirmation data
based on said received contents confirmation
data, indicating that the sending terminal has
sent the information received by said receiving
terminal, and sends the sent contents confirmation
data to said receiving terminal via said
network; and

a tamper detection unit which compares said
sent contents confirmation data sent from said
sent contents confirmation data creation unit
with said information received by said receiving
terminal, and detects tampering based on the
comparison results.

41. An information tamper detection device according
to Claim 40, wherein said sent contents confirmation
data creation unit creates sent contents confirmation
data based on one or a combination of a
plurality of said received contents confirmation data
and confirmation data indicating confirmation of the
contents of said received contents confirmation
data.

42. An information tamper detection device according
to Claim 40, wherein said sent contents confirmation
data creation unit creates sent contents confirmation
data based on a message digest consisting
of one or a combination of a plurality of said
received contents confirmation data and said confirmation
data, digested by using Hash function.

43. An information tamper detection device according
to Claim 40, wherein said sent contents confirmation
data creation unit creates sent contents confirmation
data as one or a combination of a plurality of
said received contents confirmation data and said
confirmation data, with a digital signature.

44. An information tamper detection device according
to Claim 40, wherein said sent contents confirmation
data creation unit creates sent contents confirmation
data based on a message digest consisting
of one or a combination of a plurality of said
received contents confirmation data and said confirmation
data, digested by using Hash function;
and wherein said sent contents confirmation data
creation unit creates sent contents confirmation
data as one or a combination of a plurality of said
received contents confirmation data and said confirmation
data, with a digital signature;

and wherein said sent contents confirmation data
creation unit creates sent contents confirmation
data based on a combination of two or more of the
following:

said combination of information;
said message digest; and
said digital signed information.
45. An information tamper detection device having a
sending terminal located at the sender side, and a
receiving terminal located at the recipient side and
connected with said sending terminal via a network,
whereby information is sent and received, said
information tamper detection device comprising:

a received contents confirmation data creation
unit, provided to said receiving terminal, for
creating received contents confirmation data
indicating that said receiving terminal has confirmed
reception of said data;
a sending unit, provided to said sending terminal,
for sending said received contents confirmation
data via said network; and
a tamper detection unit provided to said receiving
terminal, which receives sent contents confirmation
data via said network indicating that
the information received by said receiving terminal
has been transmitted, said sent contents
confirmation data having been created by said
sending terminal based on said received contents
confirmation data, and which compares
said sent contents confirmation data with said
information received from said receiving terminal,
and which detects tampering based on the
comparison results thereof.

46. An information tamper detection device according
to Claim 45, wherein said sent contents confirmation
data comprises one or a combination of a plurality
of said received contents confirmation data
and confirmation data indicating confirmation of the
contents of said received contents confirmation
data.

47. An information tamper detection device according
to Claim 45, wherein said sent contents confirmation
data comprises a message digest consisting of
one or a combination of a plurality of said received
contents confirmation data and said confirmation
data, digested by using Hash function.

48. An information tamper detection device according
to Claim 45, wherein said sent contents confirmation
data comprises one or a combination of a plurality
of said received contents confirmation data
and said confirmation data, with a digital signature.

49. An information tamper detection device according
to Claim 45, wherein said sent contents confirmation
data is created based on a message digest
consisting of one or a combination of a plurality of
said received contents confirmation data and confirmation
data indicating confirmation of the contents
of said received contents confirmation data,
digested by using Hash function;

and wherein said sent contents confirmation data is
created as one or a combination of a plurality of
said received contents confirmation data and said
confirmation data, with a digital signature;
and wherein said sent contents confirmation data is
created based on a combination of two or more of
the following:

said combination of information;
said message digest; and
said digital signed information.

50. An information tamper detection device having a 
sending terminal located at the sender side, and a 
receiving terminal located at the recipient side and 
connected with said sending terminal via a network, 
whereby information is sent and received, said 
information tamper detection device comprising: 

a received contents confirmation data creation 
unit, provided to said receiving terminal, for 
creating received contents confirmation data 
indicating that said receiving terminal has con- 
firmed reception of said data; 
a sending unit, provided to said sending termi- 
nal, for sending said received contents confir- 
mation data via said network; and 
a computer-readable recording medium storing 
tampering-detection programs causing a com- 
puter to serve as a tamper detection unit pro- 
vided to said receiving terminal, which receives 
sent contents confirmation data via said net- 
work indicating that the data received by said 
receiving terminal has been sent, said sent 
contents confirmation data having been cre- 
ated by said sending terminal based on said 
received contents confirmation data, and which 
compares said sent contents confirmation data 
with said data received from said receiving ter- 
minal, and which detects tampering based on 
the comparison results thereof. 
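
The two-way confirmation exchange of Claims 34 to 50 can be sketched as follows. This is an added example, not code from the patent: the field names, the b"received"/b"sent" labels, the length-prefixed encoding and the OK/MISMATCH confirmation value are assumptions, and HMAC-SHA256 with a pre-shared key is swapped in as a stand-in for the digital-signature variants (Claims 37, 43, 48), which the claims do not specify further.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional, Tuple


def digest_fields(key: Optional[bytes], *fields: bytes) -> bytes:
    """Digest a combination of fields.

    Every field is length-prefixed so that (b"ab", b"c") and (b"a", b"bc")
    never produce the same input. key=None gives a plain SHA-256 message
    digest; with a key the result is HMAC-SHA256 (assumed stand-in for a
    digital signature over the same fields).
    """
    encoded = b"".join(len(f).to_bytes(8, "big") + f for f in fields)
    if key is None:
        return hashlib.sha256(encoded).digest()
    return hmac.new(key, encoded, hashlib.sha256).digest()


@dataclass(frozen=True)
class Message:
    sender: bytes      # sender information
    recipient: bytes   # recipient information
    comm_info: bytes   # communication information (hypothetical: a message id)
    body: bytes        # the information itself


def received_confirmation(msg: Message, key: Optional[bytes] = None) -> bytes:
    """Receiving terminal: confirmation data over what actually arrived."""
    return digest_fields(key, b"received", msg.sender, msg.recipient,
                         msg.comm_info, msg.body)


def sender_detects_tampering(sent: Message, confirmation: bytes,
                             key: Optional[bytes] = None) -> bool:
    """Sending terminal: compare the confirmation with what was sent."""
    expected = received_confirmation(sent, key)
    return not hmac.compare_digest(expected, confirmation)


def sent_confirmation(sent: Message, confirmation: bytes,
                      key: Optional[bytes] = None) -> bytes:
    """Sending terminal: confirmation data built on the received confirmation
    plus the sender's own verdict on it."""
    bad = sender_detects_tampering(sent, confirmation, key)
    verdict = b"MISMATCH" if bad else b"OK"
    return digest_fields(key, b"sent", confirmation, verdict)


def receiver_detects_tampering(received: Message, sent_conf: bytes,
                               key: Optional[bytes] = None) -> bool:
    """Receiving terminal: the value it expects is derived only from the
    information it received, combined with an OK verdict."""
    expected = digest_fields(key, b"sent",
                             received_confirmation(received, key), b"OK")
    return not hmac.compare_digest(expected, sent_conf)


def run_exchange(sent: Message, arrived: Message,
                 key: Optional[bytes] = None) -> Tuple[bool, bool]:
    """Run both rounds; returns (sender_detected, receiver_detected)."""
    conf = received_confirmation(arrived, key)            # receiver -> sender
    sender_detected = sender_detects_tampering(sent, conf, key)
    sconf = sent_confirmation(sent, conf, key)            # sender -> receiver
    receiver_detected = receiver_detects_tampering(arrived, sconf, key)
    return sender_detected, receiver_detected


# Constructed sample data, not taken from the patent.
KEY = b"constructed-demo-key-not-a-real-secret"
SENT = Message(b"alice@example.test", b"bob@example.test",
               b"msg-id:0001", b"pay 100 to carol")
ALTERED = replace(SENT, body=b"pay 900 to carol")

if __name__ == "__main__":
    print("intact :", run_exchange(SENT, SENT))
    print("altered:", run_exchange(SENT, ALTERED))
    print("keyed  :", run_exchange(SENT, ALTERED, KEY))
```

With `key=None` the digests can be recomputed by anyone who sees the fields, so the plain-digest variant only detects changes made by a party that cannot also rewrite the confirmations; binding them to a key or signature is what the signed variants add.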

51. An encryption device comprising a key encryption 
unit and an encryption unit; 

said key encryption unit comprising: 

a secret key obtaining unit for either obtain- 
ing or generating a secret key used for 
encryption employing the secret key cryp- 
tography; 

a secret key encryption unit for encoding 
said secret key employing the public key 
cryptography so as to create an encrypted 
secret key; and 

a first secret key tamper detection code 
creation unit for creating key information 
from said secret key, to be used for secret 
key tamper detection; 
and said encryption unit comprising:

a data encryption unit for encrypting plain
text using said secret key to create
encrypted message; and
a first data tamper detection code creation
unit for creating first data tamper detection
code from said plain text.

52. An encryption device according to Claim 51,
wherein said secret key encryption unit uses the
public key for each user sharing encrypted message
generated by said data encryption unit to
encrypt said secret key and generate an encrypted
secret key.

53. An encryption device according to Claim 51, said
encryption device further comprising a key decryption
unit;

said key decryption unit comprising:

a secret key decrypting unit for decrypting
said encrypted secret key employing the
public key cryptography;
a second secret key tamper detection code
creation unit for creating secret key tamper
detection code from the secret key
obtained by decrypting said encrypted
secret key; and
a first tamper detection unit for detecting
tampering using said key information and
said secret key tamper detection code;

wherein said key decryption unit verifies tampering
as well as decrypts said encrypted
secret key to obtain a secret key;
and wherein said encryption unit further
encrypts additional plain text using said secret
key.

54. A decryption device comprising a key decryption
unit and a decryption unit for decrypting said
encrypted secret key and said encrypted message
encrypted by said encryption device according to
Claim 51;

said key decryption unit comprising:

a secret key decrypting unit for decrypting
said encrypted secret key by using the
public key cryptography;
a second secret key tamper detection code
creation unit for creating secret key tamper
detection code from the secret key
obtained by decrypting said encrypted
secret key; and

a first tamper detection unit for detecting
tampering using said key information and
said secret key tamper detection code;

and said decrypting unit comprising:

a data decryption unit for decrypting
encrypted message by using the secret
key cryptography;

a second data tamper detection code creation
unit for creating second data tamper
detection code from the plain text obtained
by decrypting said encrypted message;
and

a second tamper detection unit for detecting
tampering using said first data tamper
detection code and said second data
tamper detection code.

55. A decryption device according to Claim 54, wherein
said secret key decryption unit decrypts all
encrypted secret keys corresponding with each
user sharing encrypted message;

wherein said secret key tamper detection code creation
unit creates said secret key tamper detection
code for each secret key obtained by decrypting;
and wherein said first tamper detection unit detects
tampering using said key information and said
secret key tamper detection code, and also judges
secret keys corresponding to users.

56. An encryption/decryption device comprising the
encryption device according to Claim 51 and the
decryption device according to Claim 54.

57. An encryption method, comprising:

a procedure for either obtaining or generating a
secret key used for encryption employing the
secret key cryptography;
a procedure for encoding said secret key
employing the public key cryptography so as to
create an encrypted secret key;
a procedure for creating key information from
said secret key;
a procedure for encrypting plain text using said
secret key to create encrypted message; and
a procedure for creating first data tamper
detection code from said plain text.

58. A decryption method, comprising:

a procedure for decrypting said encrypted
secret key by employing the public key cryptography;

a procedure for creating secret key tamper
detection code from the secret key obtained by
decrypting said encrypted secret key;
a procedure for detecting tamper using said
key information and said secret key tamper
detection code;

a procedure for decrypting encrypted message
by using the secret key cryptography;
a procedure for creating second data tamper
detection code from the plain text obtained by
decrypting said encrypted message; and
a procedure for detecting tamper using said
first data tamper detection code and said second
data tamper detection code.

59. A computer-readable recording medium storing
programs for causing a computer to execute the following
procedures:

a procedure for either obtaining or generating a
secret key used for encryption using the secret
key cryptography;

a procedure for encoding said secret key using
the public key cryptography so as to create an
encrypted secret key;

a procedure for creating key information from
said secret key;

a procedure for encrypting plain text using said
secret key to create encrypted message; and
a procedure for creating first data tamper
detection code from said plain text.

60. A computer-readable recording medium storing
programs for causing a computer to execute the following
procedures:

a procedure for decrypting said encrypted
secret key by using the public key cryptography;
a procedure for creating secret key tamper
detection code from the secret key obtained by
decrypting said encrypted secret key;
a procedure for detecting tampering using said
key information and said secret key tamper
detection code;

a procedure for decrypting encrypted message
by using the secret key cryptography;
a procedure for creating second data tamper
detection code from the plain text obtained by
decrypting said encrypted message; and
a procedure for detecting tampering using said
first data tamper detection code and said second
data tamper detection code.

61. A team data list administration device for adminis- 
tration of team data lists for hierarchical ordering of 
a team, said device comprising: 

an authentication unit for requesting operation
of said team data list to a certain request destination,
and according to the operation request,
obtaining from the request destination the following
for each team from the team which is the
object of operation to the root team:

authority data including the identifier indi- 
cating the parent team of own team, and 
the digital signature of the administrator of 
said parent team; and 
a team data list having an authority list 
including administrator information relating 
to authorized administration personnel of 
sub-teams under own team, and the digital 
signature of the team master which is the 
administrator of own team or the adminis- 
trator of a parent team; 
wherein confirmation is made for each 
team while backtracking the obtained team 
to said root team using said identifier, that 
there has been no tampering with the dig- 
ital signature on said team data list and 
that the signature is that of one having 
authority, using said administrator informa- 
tion; 

a team data list modification unit for modifying 
said team data list according to said operation 
request, once the validity thereof has been 
confirmed by said authentication unit; and 
a signing unit for creating a digital signature of
the individual instructing said operation request
and attaching said digital signature to said modified
team data list, and sending this to said
request destination.

62. A team data list administration device according to 
Claim 61, wherein said administration information 
comprises information relating to one or more sub- 
authorities which have been appointed from own 
team by said team master and have administrating 
authority over said sub-teams, and relating to said 
team master having administrating authority over 
said sub-authorities in addition to the authority of 
said sub-authorities. 

63. A team data list administration device according to 
Claim 61, further comprising: 

a registering unit for obtaining identification 
information for performing identification of the 
team master of said root team and registering 
said identification information; and 
a team master verification unit for using said 
identification information which has been pre- 
registered to verify that the digital signature of 
the authority data of said root team being sent 
from the request destination is the digital signa- 
ture of the team master. 

64. A team data list storing device for storing team data 
lists for hierarchical ordering of a team, said device
comprising: 

an authority data storing unit for storing, for 
each team, authority data including the identi- 
fier indicating the parent team of own team, 
and the digital signature of the administrator of 
said parent team; 

an authority list storing unit for storing, for each 
team, an authority list having an authority list 
including administrator information relating to 
authorized administration personnel of sub- 
teams under own team, and the digital signa- 
ture of the team master which is the administra- 
tor of own team or the administrator of a parent 
team; and 

a permission test unit which uses said adminis- 
trator information to confirm that the individual 
instructing said operation request from a cer- 
tain request source to a team data list including 
at least said authority data and said authority 
list has request authority wherein in the case of 
a reference request or deletion request, the 
requested team data list is returned to said 
request source or deleted, according to the ref- 
erence request or deletion request, and 
wherein in the case of an update request, con- 
firmation is made that the digital signature of 
the team data list sent from said request source 
is the signature of an individual having author- 
ity, thereby updating the stored contents of said 
authority data storing unit and said authority list 
storing unit with the team data list that has 
been sent. 

65. A team data list administration device according to 
Claim 64, wherein said administration information 
comprises information relating to one or more sub- 
authorities which have been appointed from own 
team by said team master and have administrating 
authority over said sub-teams, and relating to said 
team master having administrating privilege over 
said sub-authorities in addition to the privilege of 
said sub-authorities. 

66. A team data list processing system having a team 
data list administration device according to one of 
the items in Claim 61 which is the request source, 
and the team data list storing device according to 
Claim 64 which is the request destination. 

67. A recording medium, storing team data list adminis- 
tration programs for administration of team data 
lists for hierarchical ordering of a team, said pro- 
grams causing a computer to execute the following 
processes: 

a process for requesting operation of said team
data list to a certain request destination;
a process for obtaining from the request destination
the following for each team from the
team which is the object of operation to the root
team, according to the operation request:

authority data including the identifier indicating
the parent team of own team, and
the digital signature of the administrator of
said parent team; and
a team data list having an authority list
including administrator information relating
to authorized administration personnel of
sub-teams under own team, and the digital
signature of the team master which is the
administrator of own team or the administrator
of a parent team;

an authentication process for confirming each
team while backtracking the obtained team to
said root team using said identifier, that there
has been no tampering with the digital signature
on said team data list and that the signature
is that of one having privilege, using said
administrator information;
a modification process for modifying said team
data list according to said operation request,
once the validity thereof has been confirmed by
said authentication process; and
a process for creating a digital signature of the
individual instructing said operation request
and attaching said digital signature to said
modified team data list, and sending this to said
request source.

68. A recording medium, storing team data list adminis- 
tration programs for administration of team data 
lists for hierarchical ordering of a team, said pro- 
grams causing a computer to execute the following 
processes:

a process for storing beforehand, for each
team, authority data including the identifier
indicating the parent team of own team, and
the digital signature of the administrator of said
parent team;

a process for storing beforehand, for each
team, an authority list having an authority list
including administrator information relating to
authorized administration personnel of sub-teams
under own team, and the digital signature
of the team master which is the administrator
of own team or the administrator of a parent
team; and

a permission test process which uses said
administrator information to confirm that the
individual instructing said operation request
from a certain request source to a team data
list including at least said authority data and
said authority list has request privilege,
wherein in the case of a reference request or
deletion request, the requested team data list is
returned to said request source or deleted,
according to the reference request or deletion
request, and wherein in the case of an update
request, confirmation is made that the digital
signature of the team data list sent from said
request source is the signature of a director
having authority, thereby updating the stored
contents of said authority data storing unit and
said authority list storing unit with the team
data list that has been sent.

69. A member list administration device in a broadcast 
communication system, said system comprising: 

an encryption information creating device
which creates code information including
encrypted information formed by encrypting
information to be sent;

a member list administration device performing
administration of members lists including public
keys of members to receive distribution of the
broadcast;

an encrypted message decryption device
which decrypts said encrypted message; and
a message broadcast device which receives
encrypted message sent from said encrypted
message creation device and distributes said
encrypted message to one or more of said
encrypted message decryption devices, based
on said member list;

said member list administration device
comprising:

a list creation unit for creating a member
list including the public key(s) of one or
more members for broadcast communication;
and

a public key administration unit for obtaining
and saving said public keys.

70. A member list administration device according to
Claim 69, further comprising a list retrieval and storing
unit for retrieving and storing said member list
either from a terminal via a network, or from a storage
medium connected to the device.

71. A member list administration device according to
Claim 69, further comprising a list transmitting unit
for transmitting said member list via a network to a
database connected to said network, said message
broadcast device, or said encrypted message creation
device or said encrypted message decryption
device used by members included in said member
list.



72. A member list administration device according to 
Claim 69, further comprising a subscription accep- 
tor comprising: 

a subscription request item setting unit for set- 
ting subscription request items for joining a 
broadcast communication member list; and 
a subscription license judgement unit for judging
whether or not the request items input and
transmitted from the applicant satisfy said sub- 
scription request items, and whether or not 
subscription is admitted. 

73. An encrypted message creation device in a broadcast
communication system, said system comprising:

an encrypted message creation device which 
creates encrypted message including 
encrypted information formed by encrypting 
information to be sent; 

a member list administration device performing 
administration of members lists including public 
keys of members to receive distribution of the 
broadcast; 

an encrypted message decryption device 
which decrypts said encrypted message; and 
a message broadcast device which receives 
encrypted message sent from said encrypted 
message creation device and distributes said 
encrypted message to one or more of said 
encrypted message decryption devices, based 
on said member list; 

said encrypted message creation device 
comprising: 

a list retrieval and storing unit for retrieving 
and storing said member list either from a 
terminal via a network, or from a storage 
medium connected to the device; and 
an encryption unit which obtains broadcast 
communication text, and encrypts said 
broadcast communication text using a 
public key included in said member list so 
as to form encrypted information. 

74. An encrypted message creation device according to
Claim 73, wherein said encryption unit creates an 
encrypted message of said broadcast communica- 
tion text encrypted by the secret key cryptography, 
creates one or more encrypted secret keys of the 
secret key used in said secret key cryptography 
encrypted by the public key cryptography using one 
or more public keys included in said member list, 
creating key selection information for selecting 
encrypted secret keys corresponding to the mem- 
bers receiving distribution of the broadcast, and 
outputting said encrypted message, said encrypted 
secret key, and said key selecting information, as
said encrypted information. 

75. An encrypted message creation device according
to Claim 73, wherein, in the event that the broadcast
communication text is composed of a plurality
of components, said encryption unit performs
encryption for each of the components making up
said broadcast communication text and creates
said encrypted information.

76. An encrypted message creation device according
to Claim 73, further comprising a destination check
unit for, in the event that the destination of the
broadcast communication text is checked and said
destination is said message broadcast device, and
also in the event that a member list is obtained from
said list retrieval and storing unit, sending said
broadcast communication text to said encryption
unit.

77. An encrypted message creation device according
to Claim 73, further comprising a multiple parts
sending unit for, in the event that the broadcast
communication text is comprised of a main component
and one or more dependent components,
including reference information enabling reference
to encrypted message corresponding to the
dependent component to encrypted message corresponding
to the main component and sending
this to said message broadcast device, and sending
encrypted message corresponding to the
dependent components to an information storing
device on the network.

78. An encrypted message decryption device in a
broadcast communication system, said system
comprising:

an encrypted message creation device which
creates encrypted message including
encrypted information formed by encrypting
information to be sent;

a member list administration device performing
administration of members lists including public
keys of members to receive distribution of the
broadcast;

an encrypted message decryption device
which decrypts said encrypted message; and
a message broadcast device which receives
encrypted message sent from said encrypted
message creation device and distributes said
encrypted message to one or more of said
encrypted message decryption devices, based
on said member list;
said encrypted message decryption device further
comprising:

an encrypted message retrieval unit for retrieving
encrypted message transmitted from said
message broadcast device; and
a decryption unit for decrypting the encrypted
information included in said encrypted message.

79. An encrypted message decryption device accord- 
ing to Claim 78, said decryption unit comprising: 

a key selection unit for making reference to key 
selection information included in said 
encrypted message, and selecting the 
encrypted secret key to be used for decryption; 
an encrypted secret key decryption unit for 
decrypting with a private key of the recipient 
the encrypted secret key selected using the 
public key cryptography, thereby obtaining a 
secret key; and 

an encrypted message decryption unit for 
decrypting the encrypted information included 
in said encrypted message using said secret 
key with the secret key cryptography, thereby 
obtaining the broadcast communication text in 
plain text. 

80. An encrypted message decryption device accord- 
ing to Claim 78, said encrypted message decryp- 
tion device further comprising a received 
notification transmitting unit for transmitting a 
received notification to said message broadcast
device, thereby notifying that the member to receive 
the distribution has indeed received the same in 
person. 

81. An encrypted message decryption device accord- 
ing to Claim 78, further comprising a multiple parts 
receiving unit for, in the event that the broadcast 
communication text is comprised of a main compo- 
nent and one or more dependent components, 
receiving encrypted message corresponding to the 
main component including reference information 
enabling reference to code information correspond- 
ing to the main component, and receiving 
encrypted message corresponding to the depend- 
ent components, based on said reference informa- 
tion. 

82. An encrypted message decryption device accord- 
ing to Claim 78, further comprising a broadcast 
communication security checking unit for perform- 
ing said checking according to one or a combina- 
tion of the following: 

checking of whether or not the member list 
used for creating encrypted message in said 
encrypted message creation device and the 
member list used for creating said distribution 
list are identical; 
checking of whether or not the sender of
encrypted message was included in the mem- 
ber list; 

checking of security regarding whether or not 
encrypted message has been tampered with
along the communication path; 
checking of whether or not there are malicious 
programs or data strings in transmitted infor- 
mation; and 

checking of whether or not a part of encrypted
message comprised of a plurality of parts cre- 
ated at the encrypted message creation device 
with reference to the transmitted encrypted 
message is being transmitted to another information
storing device.

83. An encrypted message decryption device accord- 
ing to Claim 78, further comprising a list retrieval 
and storing unit for retrieving and storing said member
list from a device already storing the member
list, via a network. 

84. An encrypted message decryption device in a 
broadcast communication system, said system 
comprising:

an encrypted message creation device which 
creates encrypted message including 
encrypted information formed by encrypting 
information to be sent;
a member list administration device performing 
administration of members lists including public 
keys of members to receive distribution of the 
broadcast; 

an encrypted message decryption device
which decrypts said encrypted information; and 
a message broadcast device which receives 
encrypted message sent from said encrypted 
message creation device and distributes said 
encrypted message to one or more of said
encrypted message decryption devices, based 
on said member list; 

said message broadcast device further com- 
prising: 

a destination list administration unit for performing
administration of a destination list;
a message replication unit for replicating trans- 
mitted information; and 

a transmitting unit for distributing the replicated 
encrypted message to each of the members to
receive the distribution. 

85. A message broadcast device according to Claim 
84, wherein said destination list administration unit 
further comprises a list retrieval and storing unit
which is capable of retrieving a members list from
the location of storing whenever necessary, and 
storing said transmitted member list; 
and changing said destination list so that infor-
mation is distributed to the same set of mem- 
bers as the members included in the member 
list transmitted from the team master. 

86. A message broadcast device according to Claim 
84, further comprising a list authentication unit for 
automatically judging whether or not a digital signature
is the signature of the valid team master, in
the event that the validity of the digital signature 
attached to the member list is to be authenticated. 

87. A message broadcast device according to Claim 
84, further comprising an affixed information affix- 
ing unit for affixing an affixed information to all or a 
part of transmitted information. 

88. A message broadcast device according to Claim 
84, said message broadcast device further com- 
prising a broadcast communication security check- 
ing unit for performing said checking according to 
one or a combination of the following: 

checking of whether or not the member list 
used for creating encrypted message in said 
encrypted message creation device and the 
member list used for creating said destination 
list are identical; 

obtaining received refusal information including 
the identification information of the receiving 
terminal or user refusing reception of informa- 
tion, checking whether or not the sender or 
sending terminal of information transmitted to 
the message broadcast device is included in 
said received refusal information; 
checking of whether or not the sender of 
encrypted message was included in the mem- 
ber list; 

checking of security regarding whether or not 
encrypted message has been tampered with 
along the communication path; 
checking of whether or not there are malicious 
programs or data strings in transmitted infor- 
mation; and 

checking of whether or not a part of encrypted 
message comprised of a plurality of parts cre- 
ated at the encrypted message creation device 
with reference to the transmitted encrypted 
message is being transmitted to another infor- 
mation storing device. 

89. A message broadcast device according to Claim 
84, further comprising a broadcast communication 
contents storing unit for storing the transmitted 
information or part of the transmitted information. 

90. A message broadcast device according to Claim 
84, further comprising a broadcast communication 
automatic start unit including:

a start request items presentation unit for pre- 
senting, on the terminal of the individual 
requesting start, the start request items which
the individual requesting start should satisfy at 
the time of applying for start of broadcast com- 
munication service; 

a start license judgement unit for judging 
whether or not the start application request
transmitted by said individual requesting start 
satisfies the start request items, and whether 
start of broadcast communication service is to 
be permitted; 

a broadcast communication start setting up
unit, which, once start of broadcast communi- 
cation service has been decided upon by said 
start license judgement unit, starts broadcast 
communication service wherein information is 
distributed to members specified by the team
master, said individual requesting establish- 
ment being the team master. 

91. A broadcast communication system, comprising: 

a member list administration device according 
to Claim 69; 

an encrypted message creation device accord- 
ing to Claim 73; 

an encrypted message decryption device
according to Claim 78; and 
a message broadcast device according to 
Claim 84. 



92. A computer-readable recording medium storing
programs for causing a computer to execute the fol- 
lowing procedures: 

a procedure for creating a member list including
the public key of one or more members to
which broadcast communication is to be con- 
ducted; and 

a procedure for retrieving and storing said pub- 
lic key. 

93. A computer-readable recording medium storing 
programs for causing a computer to execute the fol- 
lowing procedures: 

a procedure for retrieving and storing a member
list via a network; and
a procedure for retrieving the broadcast com- 
munication text, and encrypting said broadcast 
communication text using the public key 
included in said members list.

94. A computer-readable recording medium storing 
programs for causing a computer to execute the following
procedures:

a procedure for obtaining encrypted message 
transmitted from said message broadcast 
device; and 

a procedure for decrypting encrypted informa- 
tion included in said encrypted message. 

95. A computer-readable recording medium storing 
programs for causing a computer to execute the fol- 
lowing procedures: 

a procedure for performing administration of 
the destination list; 

a procedure for replicating transmitted 
encrypted message; and 
a procedure for distributing the replicated 
encrypted message to each member to
receive distribution. 

96. A team data list administration device, comprising: 

a list creator verification unit for notifying a cer- 
tain request destination of information for per- 
forming personal identification/authentication 
regarding an individual instructing changes, the 
team data list which includes information relat- 
ing to a team comprised of members mutually 
sharing resources and the digital signature of a 
master having administrative authority regard- 
ing said information and which has been pre- 
pared according to the authority of the 
members of the team is obtained from said 
request destination, and for confirming whether 
or not a master having authority created said 
team data list, based on the contents of said 
received team data list; 

a list modification unit for modifying said team 
data list which has been confirmed to be a 
team data list created by said master having 
authority, according to said modifying instruc- 
tions; and 

a signing unit for creating a digital signature of 
the individual instructing the change, and affix- 
ing said digital signature to the modified team 
data list and sending said team data list to said 
request destination. 

97. A team data list administration device according to 
Claim 96, said team data list comprising: 

at least one member list including member 
information relating to said member and the 
digital signature of said master; and 
a master list including master information indi- 
cating the privilege of said master and the dig- 
ital signature of said master. 

98. A team data list administration device according to
Claim 97, wherein said master includes a team 
master having privilege to modify said master list, 
with said instruction to change being an instruction 
to change from said team master;
wherein said list creator verification unit verifies the 
digital signature of said member list at the transition 
state and master list at the transition state owing to 
being returned from said request destination corresponding
to the member list and master list sent to
said request destination and thereby changed; 
and wherein said signature unit creates the digital 
signature of said master following the instructed 
modification owing to directive of modification, and 
returns the new member list and new master list
formed by affixing said digital signature to said 
member list at the transition state and master list at 
the transition state. 

99. A team data list administration device according to
Claim 98, further comprising:

a registration unit for obtaining identification
information for personal identification of said
team master from a certain location, and registering
said information; and
a team master verification unit for verifying
whether or not the digital signature of said mas-
ter is the digital signature of said team master,
based on identification information of said team
master, and the digital signature of said master
included in said member list and said master
list sent from said request destination.

100. A team data list administration device according to
Claim 99, further comprising:

a modification verification unit for verifying that
said team master has been modified by means
of legal procedures, based on the modification
in contents of the master list obtained at the
time of said directive of modification, the mas-
ter list at said transition state, and said new
master list; and

an identification information updating unit for
obtaining identification information for the team
master following the modification instructed by
said directive to modify, and updating the iden-
tification information of the team master before
the modification which is registered in said registration
unit by identification information, with
confirmation of said modification being a pre-
requisite to this operation of said identification
information updating unit.

101. A team data list storing device, comprising:

a team data list storing unit for storing the team
data list which includes information relating to a
team comprised of members mutually sharing
resources and the digital signature of a master
having administrative privilege regarding said
information and which has been prepared
according to the authority of members of the
team;

a first permission test unit for judging to a refer-
ence request from a certain request source,
whether or not a director has the privilege for
said request, based on said team data list and
information for performing personal identifica-
tion/authentication of said director who has
made the request, and sending out said team
data list only to request sources including said
director having privilege; and
a second permission test unit for confirming the
validity of a team data list in a modification
request from said request source, based on the
contents of the team data list sent from said
request source, and for updating the stored
contents of said time data list with the team
data list regarding which the validity thereof
has been confirmed.

102. A team data list storing device according to Claim
101, said team data storing unit comprising:

a member list storing unit for storing one or
more member lists including at least member
information relating to said members, and the
digital signature of said master; and
a master list storing unit for storing a master list
including at least master information indicating
the authority of said master, and the digital sig-
nature of said master.

103. A team data list storing device according to Claim
102, wherein said master includes a team master
having privilege to modify said master list, said sec-
ond permission test unit further comprising:

a master list holding unit for holding the master
list before a modification owing to a directive
notified from said director to modify said team
master, as a prior master list;
a portion for receiving from said request source
the transitional master list and transitional
member list in which information regarding said
team master has been modified, out of said
master list and said member list sent out to said
request source by request of said request
source, and detecting the modification in said
team master based on these lists;
a portion for confirming the validity of the mod-
ification of said team master, based on said
transitional master list and transitional member
list as well as said prior master list, with detect-
ing of said modification being a prerequisite to
this operation; and

a portion for receiving the new master list and
new member list to which is attached the digital
signature of the post-modification chief master
specified by said directive of modification, as to
the transitional master list and transitional
member list sent out to said request source
with confirmation of the validity thereof as a
prerequisite, and for confirming the authority of
these lists and modifying the stored contents of
said member list storing unit and said master
list storing portion.

104. A team data list processing system, comprising:

a team data list administration device accord- 
ing to Claim 96 which is the request source; 
and 

a team data list storing device according to
Claim 101, which is the request destination.

105. A computer-readable recording medium storing 
team data list administration programs for causing a 
computer to execute the following procedures:

a process for notifying a certain request desti- 
nation of information for performing personal 
identification/authentication regarding a director
of the modifications, the team data list which
includes information relating to a team com- 
prised of members mutually sharing resources 
and the digital signature of a master having 
administrative authority regarding said information
and which has been prepared according to
the privilege of the members of the team is 
obtained from said request destination; 
a processing for confirming whether or not a 
master having privilege created said team data 
list, based on the contents of said received
team data list; 

a list modification process for modifying said 
team data list which has been confirmed to be 
a team data list created by said master having 
privilege, according to said modification
directive; and

a signing process for creating a digital signa- 
ture of the director of the modification, and 
affixing said digital signature to the modified 
team data list and sending said team data list to
said request destination. 

106. A computer-readable recording medium storing 
team data list administration programs for causing a 
computer to execute the following procedures:

a process for storing the team data list which 
includes information relating to a team comprised
of members mutually sharing resources
and the digital signature of a master having 
administrative privilege regarding said informa- 
tion and which has been prepared according to 
the authority of members of the team; 
a process for judging whether or not a director
of a reference request from a certain request 
source has the privilege for said request, based 
on said team data list and information for per- 
forming personal identification/authentication 
of the director who has made the request, and 
sending out said team data list only to request 
sources including a director having privilege; 
and 

a permission test process for testing the per- 
mission of a team data list in a modification 
request from said request source, based on the 
contents of the team data list sent from said 
request source, and for updating the stored 
contents of said time data list with the team 
data list regarding which the validity thereof 
has been confirmed. 
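
The two-stage team master hand-over that Claims 98 and 103 describe (transitional lists signed by the prior master, new lists signed by the successor), sketched as an added example that is not part of the patent text. Ed25519, the JSON field layout, the constructed identities and the names `ListStore`, `checkTransitional` and `applyHandover` are assumptions.

```javascript
const crypto = require('node:crypto');
// Ed25519 is an assumption made here; the claims do not name a signature algorithm.
const newKey = () => crypto.generateKeyPairSync('ed25519');
const pem = (k) => k.publicKey.export({ type: 'spki', format: 'pem' });
// Fixed field order so signer and verifier process identical bytes.
const canon = (l) => Buffer.from(JSON.stringify([l.kind, l.version, l.master, l.entries]));
const sign = (body, keys) =>
  ({ ...body, signature: crypto.sign(null, canon(body), keys.privateKey).toString('base64') });
function verify(list, masterPem) {
  try {
    return crypto.verify(null, canon(list), masterPem, Buffer.from(list.signature, 'base64'));
  } catch (e) { return false; } // malformed key or signature counts as invalid
}
const sameBody = (a, b) => canon(a).equals(canon(b));

// Hypothetical storing device: holds the prior lists, accepts a hand-over in two stages.
class ListStore {
  constructor(trustedMasterPem, masterList, memberList) {
    if (masterList.master !== trustedMasterPem || !verify(masterList, trustedMasterPem) ||
        !verify(memberList, trustedMasterPem)) throw new Error('lists not signed by team master');
    this.masterList = masterList; this.memberList = memberList;
  }
  // Stage 1: transitional lists name the successor but carry the PRIOR master's signature.
  checkTransitional(tMaster, tMember) {
    const prior = this.masterList.master;
    return verify(tMaster, prior) && verify(tMember, prior) &&
      tMaster.kind === 'master' && tMember.kind === 'member' &&
      tMaster.master === tMember.master &&
      tMaster.version === this.masterList.version + 1 &&
      tMember.version === this.memberList.version + 1; // stale versions are refused
  }
  // Stage 2: new lists must match the transitional bodies and be signed by the successor.
  applyHandover(tMaster, tMember, nMaster, nMember) {
    if (!this.checkTransitional(tMaster, tMember)) return false;
    if (!sameBody(tMaster, nMaster) || !sameBody(tMember, nMember)) return false;
    if (!verify(nMaster, tMaster.master) || !verify(nMember, tMaster.master)) return false;
    [this.masterList, this.memberList] = [nMaster, nMember];
    return true;
  }
}

function demo() {
  const alice = newKey(), bob = newKey(), mallory = newKey(); // constructed identities
  const members = ['alice', 'bob', 'carol'];
  const body = (kind, version, who, entries) => ({ kind, version, master: pem(who), entries });
  const fresh = () => new ListStore(pem(alice),
    sign(body('master', 1, alice, ['alice']), alice), sign(body('member', 1, alice, members), alice));
  const tM = sign(body('master', 2, bob, ['bob']), alice);
  const tL = sign(body('member', 2, bob, members), alice);
  const store = fresh();
  return {
    ok: store.applyHandover(tM, tL, sign(tM, bob), sign(tL, bob)),
    replay: store.applyHandover(tM, tL, sign(tM, bob), sign(tL, bob)), // store now trusts bob
    selfAppointed: fresh().applyHandover(sign(body('master', 2, mallory, ['mallory']), mallory),
      sign(body('member', 2, mallory, members), mallory), null, null),
    altered: fresh().applyHandover(tM, tL, sign(tM, bob),
      sign(body('member', 2, bob, [...members, 'mallory']), bob)),
    bobIsMaster: store.masterList.master === pem(bob),
  };
}
```

`demo()` reports one accepted hand-over and three refusals: a replay of the old transitional lists, a successor who signs for themselves without the prior master, and a member list altered between the two stages.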